Rewterz Threat Alert – APT 10 – Active IOCs
April 8, 2022
Severity
Medium
Analysis Summary
FormBook is a data-stealing malware that has been active since 2016 and affected 4% of enterprises in 2020. It tracks and monitors keystrokes, finds and accesses files, takes screenshots, harvests passwords from various browsers, drops files, and downloads and executes stealthier malware in response to orders from a command-and-control (C2) server. The cybercriminals behind these email campaigns have used a variety of distribution techniques to deliver this malware, including PDFs, Office documents, ZIP and RAR archives, etc.
Impact
- Sensitive Information Theft
- Credential Theft
- Keystroke Logging
Indicators of Compromise
MD5
- d08d08e1dee2e6ef34be1570bf8b9300
SHA-256
- afb058fdd8aa200fe754289c9b48d8876f4bbd7cbcefc964742d76c32a990340
SHA-1
- 841fc2c84db7f0a97f0594d5088a4e3d2202294e
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.