Rewterz penetration testing services help organizations determine if a cyber attacker can gain access to their critical assets while giving them detailed insight into the overall business impact of a cyber attack.
Before Rewterz got its start, the market was in dire need of a specialized and dedicated information security company. It was nearly impossible for businesses to find a trustworthy provider that could truly cover all of their bases. We wanted to meet this need, giving companies across the globe a chance to get ahead while knowing that their data is in good hands.
Severity
Medium
Analysis Summary
RAT malware is actively being spread through a phishing campaign sent to different users. Threat indicators are provided.
Indicators of Compromise
IP(s) / Hostname(s)
URLs
Email Address
Malware Hash (MD5/SHA1/SHA256)
Remediation