September 2, 2021
Severity
High
Analysis Summary
AZORult is a payment card and credential information stealer. It was sold on Russian underground forums as a means to collect sensitive information from infected systems. The malware is also able to steal cookies, browsing history, cryptocurrency, and IDs/passwords. Phishing emails and the Fallout Exploit Kit (EK), paired with social engineering techniques, are the major infection vectors for AZORult. The malware can also be used as a loader to download other malware.
Impact
- Information Theft
- Credential Theft
- Exposure of Sensitive Data
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
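To act on the remediation step of searching for IOCs in your environment, here is an added example (not part of the Rewterz advisory) that hashes every file under a directory in one pass and matches the MD5, SHA-1 and SHA-256 digests against an indicator list written in the advisory's `- <hash>` bullet format. The sample files and the indicator list inside `demo()` are constructed; for real use, feed the advisory's own hash bullets to `load_iocs`.

```python
import hashlib
import tempfile
from pathlib import Path

# Hex digest length identifies the algorithm: 32 = MD5, 40 = SHA-1, 64 = SHA-256.
ALGO_BY_LEN = {32: "md5", 40: "sha1", 64: "sha256"}

def load_iocs(lines):
    """Parse '- <hex>' indicator lines (headers and blanks are ignored)."""
    iocs = {algo: set() for algo in ALGO_BY_LEN.values()}
    for line in lines:
        value = line.strip().lstrip("-").strip().lower()
        algo = ALGO_BY_LEN.get(len(value))
        if algo and all(c in "0123456789abcdef" for c in value):
            iocs[algo].add(value)
    return iocs

def hash_file(path, chunk_size=1 << 20):
    """Compute MD5, SHA-1 and SHA-256 of a file in a single read pass."""
    digests = {algo: hashlib.new(algo) for algo in ALGO_BY_LEN.values()}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for d in digests.values():
                d.update(chunk)
    return {algo: d.hexdigest() for algo, d in digests.items()}

def sweep(root, iocs):
    """Return (path, algo, hash) for each file under root matching an IOC."""
    hits = []
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        try:
            digests = hash_file(path)
        except OSError:
            continue  # unreadable file: skip it rather than abort the sweep
        for algo, value in digests.items():
            if value in iocs[algo]:
                hits.append((str(path), algo, value))
    return hits

def demo():
    """Run the sweep on constructed files against a constructed IOC list."""
    with tempfile.TemporaryDirectory() as root:
        suspect = Path(root) / "suspect.bin"
        suspect.write_bytes(b"constructed sample, not real malware")
        (Path(root) / "clean.txt").write_bytes(b"unrelated file")
        ioc_lines = ["MD5", "- " + hash_file(suspect)["md5"].upper()]
        return sweep(root, load_iocs(ioc_lines))
```

Calling `demo()` returns a single hit for `suspect.bin` under `md5` and nothing for the clean file; `sweep()` hashes each file only once even when indicators exist for all three algorithms.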