Rewterz Threat Alert – Hive Ransomware – Active IOCs
September 2, 2021
Rewterz Threat Advisory – Multiple Apache Zeppelin Vulnerabilities
September 3, 2021
Severity
High
Analysis Summary
The cyber espionage actors tracked as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 combines a unique suite of fully featured malware with commercially available tools to conduct targeted operations aligned with Vietnamese state interests.
Impact
- Information Theft and Espionage
Indicators of Compromise
Filename
- sqlite3[.]dll
MD5
- 5d37d6cd6d359cbdbda2cc7bad141a7f
SHA-256
- ab13f819640599a62575b5d999fb530d8f1baf12d2b40cac533171420e6ac647
SHA-1
- df23bae4a6270b23f58719d8601845268d7d2c03
Remediation
- Block all the threat indicators at your respective controls.
- Search for IOCs in your environment.
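
One way to run the search on a single host, as an added example that is not part of the Rewterz advisory: it walks a directory tree, hashes every file against the three digests listed above, and reports files that only share the listed filename separately. The function names are hypothetical, and the filename is written without the advisory's de-fanging brackets. Because sqlite3.dll is also the name of the legitimate SQLite library, a name-only hit is a lead for triage, while a hash match is the indicator.

```python
import hashlib
import os

# Indicators copied from this advisory.
IOC_FILENAME = "sqlite3.dll"
IOC_HASHES = {
    "md5": "5d37d6cd6d359cbdbda2cc7bad141a7f",
    "sha1": "df23bae4a6270b23f58719d8601845268d7d2c03",
    "sha256": "ab13f819640599a62575b5d999fb530d8f1baf12d2b40cac533171420e6ac647",
}

def file_digests(path, chunk_size=1 << 20):
    """Stream the file once and compute every algorithm in IOC_HASHES."""
    hashers = {name: hashlib.new(name) for name in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}

def scan(root):
    """Walk root; return a list of (path, verdict, matched_algorithms)."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digests = file_digests(path)
            except OSError:
                continue  # unreadable or locked file: skip it
            # Hash every file, not just sqlite3.dll, so a renamed copy is caught.
            matched = sorted(a for a, d in digests.items() if d == IOC_HASHES[a])
            if matched:
                findings.append((path, "hash-match", matched))
            elif name.lower() == IOC_FILENAME:
                findings.append((path, "name-only", []))
    return findings

if __name__ == "__main__":
    import sys
    for path, verdict, algos in scan(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{verdict}\t{','.join(algos) or '-'}\t{path}")
```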