Rewterz Threat Alert – FormBook Malware – Active IOCs
August 20, 2021
Rewterz Threat Advisory – ICS – Siemens SINEMA Vulnerability
August 22, 2021
Severity
High
Analysis Summary
Cyber espionage actors tracked as APT32 (OceanLotus Group) are carrying out intrusions into private sector companies across multiple industries and have also targeted foreign governments, dissidents, and journalists. APT32 uses a unique suite of fully featured malware, together with commercially available tools, to conduct targeted operations aligned with Vietnamese state interests.
Impact
- Information Theft and Espionage
Indicators of Compromise
Filename
- OInfo11[.]OCX
MD5
- e79a99f73671a482680fff448f5c4679
SHA-256
- 006afddc2fdfb5d1dc10f6b3ab6036e6ccfad055ac0713d5bb4091d0bec96c5f
SHA-1
- 2cad67d58d97828eecd101bc00a46db530b0401e
Remediation
- Block all the threat indicators at your respective controls.
- Search for IOCs in your environment.
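
One way to carry out the search step on a single host is the sweep below, an added example that is not part of the original advisory. It checks every file under a directory against the file name and the three hashes listed above; the function names `file_digests` and `sweep` are illustrative.

```python
import hashlib
import os

# Indicators copied from this advisory (file name re-fanged for matching).
IOC_NAMES = {"oinfo11.ocx"}
IOC_HASHES = {
    "e79a99f73671a482680fff448f5c4679",  # MD5
    "2cad67d58d97828eecd101bc00a46db530b0401e",  # SHA-1
    "006afddc2fdfb5d1dc10f6b3ab6036e6ccfad055ac0713d5bb4091d0bec96c5f",  # SHA-256
}


def file_digests(path, chunk_size=1 << 20):
    """Return the MD5, SHA-1 and SHA-256 hex digests of a file in one pass."""
    hashers = [hashlib.md5(), hashlib.sha1(), hashlib.sha256()]
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers:
                h.update(chunk)
    return {h.hexdigest() for h in hashers}


def sweep(root, hashes=IOC_HASHES, names=IOC_NAMES):
    """Walk root and return sorted (path, reason) hits for name or hash matches."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            # File names are matched case-insensitively; a renamed copy still hits by hash.
            if name.lower() in names:
                hits.append((path, "filename"))
            try:
                if file_digests(path) & set(hashes):
                    hits.append((path, "hash"))
            except OSError:
                # Unreadable file (locked, permissions): record it for manual follow-up.
                hits.append((path, "unreadable"))
    return sorted(hits)


if __name__ == "__main__":
    import sys
    for path, reason in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(f"{reason}\t{path}")
```

A file name match without a hash match means only that a file with the same name exists; treat it as a lead to triage, not a confirmed detection.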