Rewterz Threat Alert – RedLine Stealer – Active IOCs
June 2, 2022
Rewterz Threat Advisory – CVE-2020-3161 – Cisco IP Phones Vulnerability
June 2, 2022
Severity
High
Analysis Summary
Clay, also known as Gray Hat ransomware, is a ransomware program. It operates by encrypting data and demanding a ransom for decryption. In other words, this ransomware renders victims’ files inaccessible and asks them to pay to restore access to their data. Encrypted files are given the “.clay” extension.
Below is the message encouraging users to pay a ransom to decrypt their compromised data:
Impact
- File Encryption
Indicators of Compromise
MD5
- 1c1727332d9ea4128e0b6e5f9480d8f1
SHA-256
- 6bbe8827a69c7b1d4760fd3271d5759ee079343930b511fdec4d011c47b16a43
SHA-1
- 9719b7cdb0e674fe91f24e7e72bdbac3b0cb902d
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.
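One way to carry out the "Search for IOCs in your environment" step on a single host, as an added example that is not part of the original advisory: it walks a directory tree, compares each file's MD5, SHA-1 and SHA-256 against the hashes listed above, and flags files carrying the ".clay" extension. The function names `file_digests` and `sweep` are hypothetical, and treating a ".clay" file as a sign of encryption is an assumption based on the extension named in the analysis summary.

```python
import hashlib
import os

# Hashes copied from the advisory's Indicators of Compromise section.
CLAY_IOCS = {
    "md5": {"1c1727332d9ea4128e0b6e5f9480d8f1"},
    "sha1": {"9719b7cdb0e674fe91f24e7e72bdbac3b0cb902d"},
    "sha256": {"6bbe8827a69c7b1d4760fd3271d5759ee079343930b511fdec4d011c47b16a43"},
}
ENCRYPTED_EXT = ".clay"  # extension the advisory says encrypted files receive


def file_digests(path, chunk_size=1 << 20):
    """Compute MD5, SHA-1 and SHA-256 in one read pass over the file."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        while chunk := fh.read(chunk_size):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def sweep(root, iocs=CLAY_IOCS):
    """Walk root and return (kind, path, detail) findings.

    kind is "hash_match" for a file whose digest is in iocs, "encrypted_ext"
    for a file carrying the .clay extension, or "unreadable" when the file
    could not be opened (locked or permission denied), so gaps stay visible.
    """
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if name.lower().endswith(ENCRYPTED_EXT):
                findings.append(("encrypted_ext", path, ENCRYPTED_EXT))
            try:
                digests = file_digests(path)
            except OSError as exc:
                findings.append(("unreadable", path, exc.__class__.__name__))
                continue
            for algo, value in digests.items():
                if value in iocs.get(algo, ()):
                    findings.append(("hash_match", path, f"{algo}:{value}"))
    return findings


if __name__ == "__main__":
    import sys
    for finding in sweep(sys.argv[1] if len(sys.argv) > 1 else "."):
        print(*finding, sep="\t")
```

A "hash_match" points at the ransomware binary itself, while "encrypted_ext" hits indicate files that have already been encrypted, so the two call for different response steps.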