October 4, 2021
Severity
High
Analysis Summary
Cryptbot is delivered as Trojan malware. The Cryptbot Trojan hides within seemingly legitimate software so that victims install it themselves. It is distributed through malicious websites, many of which appear on the top pages of search-engine results for cracks and serials of popular commercial software; many victims have downloaded this malware from such sites and executed it on their systems.
Impact
- Credential Theft
- Information Theft
- Exposure of Sensitive Data
Indicators of Compromise
MD5
SHA-256
SHA-1
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.