

Severity
High
Analysis Summary
Emissary Panda is a Chinese threat group that has extensively used strategic web compromises to target victims. The group has been active since at least 2010 and has targeted organizations in the aerospace, government, defense, technology, energy, and manufacturing sectors. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.
Impact
Exposure of sensitive data
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.