Rewterz Threat Alert – Matiex Malware – Active IOCs
January 3, 2023
Rewterz Threat Alert – Mirai Botnet aka Katana – Active IOCs
January 4, 2023
Severity
High
Analysis Summary
Ghost RAT is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information and data. This type of malware enables cybercriminals to gain complete access to infected computers and attempt to hijack the user’s banking account. Some variants of Gh0st can be used to install cryptocurrency miners and/or various trojan-type programs. Cybercriminals use this control over the infected computer to access the victim’s bank account and transfer money without authorization.
Impact
- Credential Theft
- Unauthorized Access
- Theft of Sensitive Information
- File manipulation
- Remote command execution
Indicators of Compromise
MD5
- f544eb1f87d84e22f36af9313c234342
SHA-256
- 3b15486651f5e552fe3a354485aa2751dd730b8c3dd4ec26c0d9a976b2d3b129
SHA-1
- d23f3c66ae84b7f9cf951cb4cdf99e55e4d823e0
Remediation
- Block all threat indicators at your respective controls.
- Search for indicators of compromise (IOCs) in your environment using your respective security controls.
- Enable antivirus and anti-malware software and update signature definitions in a timely manner. Using multi-layered protection is necessary to secure vulnerable assets.
- Patch and upgrade platforms and software in a timely manner, and make this a standard security policy.