November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Ratsnif – OceanLotus’s New Network Vermin
July 2, 2019Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability
July 3, 2019Rewterz Threat Alert – Ratsnif – OceanLotus’s New Network Vermin
July 2, 2019Rewterz Threat Advisory – CVE-2019-6623 – F5 Multiple BIG-IP Products Denial of Service Vulnerability
July 3, 2019
Severity
Medium
Analysis Summary
Large spam campaign impersonating invoices. Title “E-Invoice Orange” is attached brushaloader, which will download the banking Trojan danabot currently attacking clients of different banks.
Impact
Credential theft
Indicators of Compromise
URLs
- sinoposdssf[.]info
- statusnim[.]info
- tefidnsops[.]info
Filename
E-Invoice Orange
Malware Hash (MD5/SHA1/SH256)
- 15fe51b93401fcf1ef6856e9d43504d8
- 75f293b994dde5394dd955003e11ffc78a29c158
Remediation
- Block all threat indicators from your respective controls.
- Always be suspicious about emails sent by unknowns senders.
- Never click on the link/ attachments sent by unknown senders.