August 18, 2022
Severity
Medium
Analysis Summary
Ghost RAT is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information and data. This type of malware enables cybercriminals to gain complete access to infected computers and attempt to hijack the user’s banking account. Some variants of Gh0st can be used to install cryptocurrency miners and/or various trojan-type programs. Cybercriminals use these controls over the infected computer to access the victim’s bank account and transfer money without authorization.
Impact
- Credential Theft
- Unauthorized Access
- Theft of Sensitive Information
- File manipulation
- Remote command execution
Indicators of Compromise
MD5
- d7218bbf533d6cd111f85b869cc4d2ca
SHA-256
- dfa35440cfd1f31f25414561d49989f7e92d87275f2451c0132fc8398ff8e4c9
SHA-1
- d0fbe98287c51c06d675ddfe9a725d238294f9c1
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.