Rewterz Threat Advisory –CVE-2022-32532 – Apache Shiro Vulnerability
June 30, 2022Rewterz Threat Advisory –CVE-2022-31746 – Mozilla Firefox for iOS Vulnerability
June 30, 2022Rewterz Threat Advisory –CVE-2022-32532 – Apache Shiro Vulnerability
June 30, 2022Rewterz Threat Advisory –CVE-2022-31746 – Mozilla Firefox for iOS Vulnerability
June 30, 2022Severity
Medium
Analysis Summary
AveMaria RAT – aka WarzoneRAT – is a remote access trojan that targets Windows systems that provides the capability to gain unauthorized access to a victim’s PC or allow covert surveillance of it. It acts as a keylogger, can steal passwords, escalate privileges, and much more. AveMaria, like most malware, first arrives at systems as a result of phishing emails (as invoices and shipping orders), but is also available on the dark web for subscriptions. This malware-as-a-service RAT is written in C++ that has been available for purchase since at least 2018.
Impact
- Unauthorized Access
Indicators of Compromise
MD5
- 5a18b22b51555ec0faacb93d9221f58b
- 6ababef47e0c4db6a58e880040978091
SHA-256
- 66bda5dcb334d6262e8054b45e074fd15678959586af84d63b3a10b070f2eaf7
- 30fa4691911cf0bd37d966c900dde7fb0ec9532df556eb8d9951a0b24c81bc00
SHA-1
- 5186b8b3e9368c112425fb534f34e94bdbe4d778
- ccb31f06a6a218d8202353f9e6292a6c01477d9a
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.