logo_SVG-01
✕
  • Platform
    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    • Managed Security Services
    • Managed Penetration Testing
  • Services
    • Assess
      • Compromise Assessment
      • Advanced Persistent Threats Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      • SOC Maturity Assessment
      • SOC Model Evaluation
      • SOC Gap Analysis
      • SIEM Gap Analysis
      • SIEM Optimization
      • SOC Content Pack
    • Train
      • Simulated Cyber Attack Exercise
      • Tabletop Exercise
      • Security Awareness and Training
    • Respond
      • Incident Analysis
      • Incident Response
  • Solutions
  • Resources
    • Blogs
    • Press Releases
    • Threat Insights
      • Threat Intelligence Reports
      • Threat Advisories
      • Monthly Threat Insights
  • Why Rewterz?
    • About Us
    • Careers
    • Contact
logo_SVG-01
  • Platform
    xdrLogo
    center_new
    Read More about XDR

    Platform

    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    Rewterz Threat Alert – Gustuff Banking Botnet Targeting Financial Institutions

    Managed Security Services

    • Managed Security Monitoring
    • Remote SOC
    • Onsite SOC
    • Hybrid SOC

    Managed Penetration Testing

    Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.

  • Services

    Assess

    • Compromise Assessment
    • APT Assessment
    • Penetration Testing
    • Architecture Design & Review
    • Red Team Assessment
    • Purple Team Assessment
    • Social Engineering
    • Source Code Review

    Transform

    • SOC Consultancy
    • SOC Maturity Assessment
    • SOC Model Evaluation
    • SOC Gap Analysis
    • SIEM Gap Analysis
    • SIEM Optimization
    • SOC Content Pack

    Train

    • Simulated Cyber Attack Exercise
    • Tabletop Exercise
    • Security Awareness and Training

    Respond

    • Incident Analysis
    • Incident Response
  • Solutions
  • Resources

    Resources

    • Blog
    • Press Releases
    March 15, 2023
    March 15, 2023
    Rewterz Threat Alert -New Golang-Based Botnet GoBruteforcer Breaches Web Servers – Active IOCs
    Severity High Analysis Summary According to researchers, a Golang-based botnet named GoBruteforcer has been discovered, which is specifically targeting web servers running FTP, MySQL, phpMyAdmin, and […]
    March 15, 2023
    March 15, 2023
    Rewterz Threat Alert – DarkComet RAT (Remote Access Trojan) – Active IOCs
    Severity High Analysis Summary DarkComet RAT (Remote Administration Tool) is a type of malware that is designed to allow attackers to gain remote access to a […]
    March 15, 2023
    March 15, 2023
    Rewterz Threat Advisory -Multiple Microsoft Windows Products Vulnerabilties
    Severity High Analysis Summary CVE-2023-23410 CVSS:7.8 Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in […]

    Threat Insights

    16
    pdf-file (1)
    Annual Threat Intelligence Report 2022
    • Threat Advisories
    • Monthly Threat Insights
    • Threat Intelligence Reports
  • Why Rewterz?

    About Us

    Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.

    Read More

    play_btn_Smallplay_btn_hover_Small
    leadership

    Our Leadership

    Our leadership team brings together years of knowledge and experience in cybersecurity to drive our company's mission and vision. Our team is passionate about delivering high-quality products and services, leading by example and assisting our clients in securing their organization’s environment.
    help

    CSR

    At Rewterz, we believe that businesses have a responsibility to impact positively and contribute to the well-being of our communities as well as the planet. That's why we are committed to operating in a socially responsible and sustainable way.

    Connect with Us

    • Contact
    • Careers
Get in Touch
logo_SVG-01
  • Platform
    xdrLogo
    center_new
    Read More about XDR

    Platform

    • Rewterz XDR
    • Rewterz Defense
    • Rewterz Threat Intelligence
    Rewterz Threat Alert – Gustuff Banking Botnet Targeting Financial Institutions

    Managed Security Services

    • Managed Security Monitoring
    • Remote SOC
    • Onsite SOC
    • Hybrid SOC

    Managed Penetration Testing

    Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insights of the overall business impact of a cyber attack.

  • Services

    Assess

    • Compromise Assessment
    • APT Assessment
    • Penetration Testing
    • Architecture Design & Review
    • Red Team Assessment
    • Purple Team Assessment
    • Social Engineering
    • Source Code Review

    Transform

    • SOC Consultancy
    • SOC Maturity Assessment
    • SOC Model Evaluation
    • SOC Gap Analysis
    • SIEM Gap Analysis
    • SIEM Optimization
    • SOC Content Pack

    Train

    • Simulated Cyber Attack Exercise
    • Tabletop Exercise
    • Security Awareness and Training

    Respond

    • Incident Analysis
    • Incident Response
  • Solutions
  • Resources

    Resources

    • Blog
    • Press Releases
    March 15, 2023
    March 15, 2023
    Rewterz Threat Alert -New Golang-Based Botnet GoBruteforcer Breaches Web Servers – Active IOCs
    Severity High Analysis Summary According to researchers, a Golang-based botnet named GoBruteforcer has been discovered, which is specifically targeting web servers running FTP, MySQL, phpMyAdmin, and […]
    March 15, 2023
    March 15, 2023
    Rewterz Threat Alert – DarkComet RAT (Remote Access Trojan) – Active IOCs
    Severity High Analysis Summary DarkComet RAT (Remote Administration Tool) is a type of malware that is designed to allow attackers to gain remote access to a […]
    March 15, 2023
    March 15, 2023
    Rewterz Threat Advisory -Multiple Microsoft Windows Products Vulnerabilties
    Severity High Analysis Summary CVE-2023-23410 CVSS:7.8 Microsoft Windows could allow a local authenticated attacker to gain elevated privileges on the system, caused by a flaw in […]

    Threat Insights

    16
    pdf-file (1)
    Annual Threat Intelligence Report 2022
    • Threat Advisories
    • Monthly Threat Insights
    • Threat Intelligence Reports
  • Why Rewterz?

    About Us

    Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.

    Read More

    play_btn_Smallplay_btn_hover_Small
    leadership

    Our Leadership

    Our leadership team brings together years of knowledge and experience in cybersecurity to drive our company's mission and vision. Our team is passionate about delivering high-quality products and services, leading by example and assisting our clients in securing their organization’s environment.
    help

    CSR

    At Rewterz, we believe that businesses have a responsibility to impact positively and contribute to the well-being of our communities as well as the planet. That's why we are committed to operating in a socially responsible and sustainable way.

    Connect with Us

    • Contact
    • Careers
Get in Touch
Rewterz
Rewterz Threat Advisory – Oracle PeopleSoft Enterprise Learning Management Multiple Vulnerabilities
April 18, 2019
Rewterz
Rewterz Threat Advisory – IBM Security QRadar SIEM Multiple Vulnerabilities
April 19, 2019

Rewterz Threat Alert – Gustuff Banking Botnet Targeting Financial Institutions

April 18, 2019

Severity

Medium

Analysis Summary

A banking botnet was rcently observed targeting Australian financial institutions. The researchers believe that this Android-based campaign is related to the recent “ChristinaMorrow” spam campaign. The infection vector is via SMS text, targeting between four and five potential victims at a time. If a victim clicks the URL contained in the text message, it will attempt to resolve to a command and control server and try to install the malware on the victim’s device. The malware being utilized includes the following functionalities: the ability to steal a victim’s credentials, contacts, phone numbers/names, files, and photos from an infected device. Gathering of such information suggests that more complex social engineering attacks are to follow. 

Impact

  • Credential Theft
  • Information Disclosure

Indicators of Compromise

IP(s) / Hostname(s)

  • 78[.]46[.]201[.]36
  • 88[.]99[.]170[.]84
  • 88[.]99[.]227[.]26
  • 94[.]130[.]106[.]117
  • 88[.]99[.]174[.]200
  • 88[.]99[.]189[.]31

URLs

  • homevideo2-12l[.]ml
  • facebook-photos-au[.]su
  • videohosting1-5j[.]gq
  • http[:]//88[.]99[.]227[.]26/html2/2018/GrafKey/new-inj-135-3-dark[.]html
  • http[:]//88[.]99[.]227[.]26/html2/arc92/au483x[.]zip
  • http[:]//94[.]130[.]106[.]117[:]8080/api/v1/report/records[.]php
  • http[:]//88[.]99[.]227[.]26/html2/new-inj-135-3-white[.]html
  • http[:]//facebook-photos-au[.]su/ChristinaMorrow
  • http[:]//homevideo2-12l[.]ml/mms3/download_3[.]php

Malware Hash (MD5/SHA1/SH256)

  • 369fcf48c1eb982088c22f86672add10cae967af82613bee6fb8a3669603dc48 
  • b2d4fcf03c7a8bf135fbd3073bea450e2e6661ad8ef2ab2058a3c04f81fc3f3e 
  • 8f5d5d8419a4832d175a6028c9e7d445f1e99fdc12170db257df79831c69ae4e 
  • a5ebcdaf5fd10ec9de85d62e48cc97a4e08c699a7ebdeab0351b86ab1370557d 
  • 84578b9b2c3cc1c7bbfcf4038a6c76ae91dfc82eef5e4c6815627eaf6b4ae6f6 
  • 89eecd91dff4bf42bebbf3aa85aa512ddf661d3e9de4c91196c98f4fc325a018 
  • 9edee3f3d539e3ade61ac2956a6900d93ba3b535b6a76b3a9ee81e2251e25c61 
  • 0e48e5dbc3a60910c1460b382d28e087a580f38f57d3f82d4564309346069bd1 
  • c113cdd2a5e164dcba157fc4e6026495a1cfbcb0b1a8bf3e38e7eddbb316e01f 
  • 1819d2546d9c9580193827c0d2f5aad7e7f2856f7d5e6d40fd739b6cecdb1e9e 
  • b213c1de737b72f8dd7185186a246277951b651c64812692da0b9fdf1be5bf15 
  • 453e7827e943cdda9121948f3f4a68d6289d09777538f92389ca56f6e6de03f0 
  • 88034e0eddfdb6297670d28ed810aef87679e9492e9b3e782cc14d9d1a55db84 
  • e08f08f4fa75609731c6dd597dc55c8f95dbdd5725a6a90a9f80134832a07f2e 
  • 01c5b637f283697350ca361f241416303ab6123da4c6726a6555ac36cb654b5c 
  • 1fb06666befd581019af509951320c7e8535e5b38ad058069f4979e9a21c7e1c 
  • 6bdfb79f813448b7f1b4f4dbe6a45d1938f3039c93ecf80318cedd1090f7e341 
  • 0246dd4acd9f64ff1508131c57a7b29e995e102c74477d5624e1271700ecb0e2 

Remediation

  • Block all threat indicators at their respective controls.
  • Search for existing signs of the indicated IOCs in your environment.
  • Ensure anti-virus software and associated files are up to date.

Platform

  • Rewterz XDR
  • Rewterz Defense
  • Rewterz Threat Intelligence

Managed Security Services

  • Managed Security Monitoring
  • Remote SOC
  • Onsite SOC
  • Hybrid SOC

Assess

  • Compromise Assessment
  • APT Assessment
  • Penetration Testing
  • Architecture Design & Review
  • Red Team Assessment
  • Purple Team Assessment
  • Social Engineering
  • Source Code Review

Transform

  • SOC Consultancy
  • SOC Maturity Assessment
  • SOC Model Evaluation
  • SOC Gap Analysis
  • SIEM Gap Analysis
  • SIEM Optimization
  • SOC Content Pack

Train

  • Simulated Cyber Attack Exercise
  • Tabletop Exercise
  • Security Awareness and Training

Respond

  • Incident Analysis
  • Incident Response

Threat Insights

  • Threat Advisories
  • Monthly Threat Insights
  • Threat Intelligence Reports

Resources

  • Blog
  • Press Releases

Connect With Us

  • Contact
  • Careers
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.
Get a Demo