Rewterz Threat Alert – Remcos RAT – Active IOCs
April 8, 2022
Rewterz Threat Alert – Nanocore Rat – Active IOCs
April 8, 2022
Severity
Medium
Analysis Summary
Ghost RAT is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information and data. This type of malware enables cybercriminals to gain complete access to infected computers and attempt to hijack the user’s banking account. Some variants of Gh0st can be used to install cryptocurrency miners and/or various trojan-type programs. Cybercriminals use this control over the infected computer to access the victim’s bank account and transfer money without authorization.
Impact
- Credential Theft
- Unauthorized Access
- Theft of Sensitive Information
- File manipulation
- Remote command execution
Indicators of Compromise
Remediation
- Block the threat indicators at their respective controls.
- Search for IOCs in your environment.