Rewterz Threat Alert – RedLine Stealer – Active IOCs
April 5, 2022
Severity
High
Analysis Summary
Black Guard stealer is a newly developed information-stealing malware. It is typically delivered by malicious software disguised as a Windows Update file, a bogus MS Office installer, computer clean-up software, and similar lures. Black Guard can steal information including FTP accounts, browser autofill content, conversations in messaging applications, cryptocurrency credentials, saved browser credentials and history, email client data, and other account information. Telegram, Signal, Tox, Element, and Discord are among the targeted messengers. The malware is designed to harvest valuable data, including system information, screenshots, network traffic, and online account credentials, including those used to access financial services and the banking sector.
Impact
- Steal Sensitive Information
- Credential Theft
- Password Theft
- Banking Information Theft
Indicators of Compromise
MD5
- eb6c563af372d1af92ac2b60438d076d
SHA-256
- 67843d45ba538eca29c63c3259d697f7e2ba84a3da941295b9207cdb01c85b71
SHA-1
- 9895725811ae5fda88629781daaa439c95a4976e
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
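As an added example that is not part of the Rewterz advisory, the following Python sweep hashes every file under a directory and reports any whose MD5, SHA-1 or SHA-256 matches the indicators listed above; the sample tree it builds is constructed for demonstration and contains no malware.

```python
import hashlib
import os
import tempfile

# Indicators from the advisory above (MD5, SHA-1, SHA-256), lower-case hex.
IOC_HASHES = {
    "eb6c563af372d1af92ac2b60438d076d",
    "9895725811ae5fda88629781daaa439c95a4976e",
    "67843d45ba538eca29c63c3259d697f7e2ba84a3da941295b9207cdb01c85b71",
}


def hash_file(path, chunk_size=1 << 20):
    """Return (md5, sha1, sha256) hex digests, streaming so large files are fine."""
    md5, sha1, sha256 = hashlib.md5(), hashlib.sha1(), hashlib.sha256()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            md5.update(chunk)
            sha1.update(chunk)
            sha256.update(chunk)
    return md5.hexdigest(), sha1.hexdigest(), sha256.hexdigest()


def scan_tree(root, iocs=IOC_HASHES):
    """Walk root and return [(path, matching_digest)] for files whose digest is an IOC."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            try:
                digests = hash_file(path)
            except OSError:
                continue  # unreadable or locked file: skip it rather than abort the sweep
            hits.extend((path, d) for d in digests if d in iocs)
    return hits


def build_sample_tree():
    """Create a constructed, benign directory to sweep; returns (root, empty_file_path)."""
    root = tempfile.mkdtemp(prefix="ioc_sweep_")
    empty = os.path.join(root, "empty.bin")
    open(empty, "wb").close()
    with open(os.path.join(root, "notes.txt"), "wb") as fh:
        fh.write(b"constructed benign sample\n")
    return root, empty


if __name__ == "__main__":
    root, _ = build_sample_tree()
    print(scan_tree(root))  # no hits expected on the constructed tree
```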