Rewterz Threat Update – Microsoft’s Emergency Update Fixes Windows AD Authentication Issues
May 20, 2022Rewterz Threat Alert – NJRAT – Active IOCs
May 20, 2022Rewterz Threat Update – Microsoft’s Emergency Update Fixes Windows AD Authentication Issues
May 20, 2022Rewterz Threat Alert – NJRAT – Active IOCs
May 20, 2022Severity
Medium
Analysis Summary
Ghost RAT is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information and data. This type of malware enables cybercriminals to gain complete access to infected computers and attempt to hijack the user’s banking account.Some variants of Gh0st can be used to install cryptocurrency miners and/or various trojan-type programs. Cybercriminals use these controls over the infected computer to access the victim’s bank account and transfer money without authorization.
Impact
- Credential Theft
- Unauthorized Access
- Theft of Sensitive Information
- File manipulation
- Remote command execution
Indicators of Compromise
MD5
- de38e62f30104942bdf16df80b5f1cd7
SHA-256
- d98dd185649fc4abf358aadf1ffdc7b1adcb0bfd25995ecc43fe758ead829ba3
SHA-1
- 411095a95898ca8ccfd5905d7b7fa4c06838cabf
Remediation
- Block the threat indicators at their respective controls.
- Search for IOCs in your environment.