August 21, 2022
Severity
Medium
Analysis Summary
Ghost RAT is a remote access trojan that allows an attacker to access an infected machine to harvest sensitive information and data. This type of malware enables cybercriminals to gain complete access to infected computers and attempt to hijack the user’s banking account. Some variants of Gh0st can be used to install cryptocurrency miners and/or various trojan-type programs. Cybercriminals use this control over the infected computer to access the victim’s bank account and transfer money without authorization.
Impact
- Credential Theft
- Unauthorized Access
- Theft of Sensitive Information
- File manipulation
- Remote command execution
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.