Rewterz Threat Alert – Excel Spreasheet Macro Kicks off Formbook Malware Infection
July 13, 2020Rewterz Threat Advisory – CVE-2020-6286 – Critical Vulnerability in SAP NetWeaver AS Java
July 14, 2020Rewterz Threat Alert – Excel Spreasheet Macro Kicks off Formbook Malware Infection
July 13, 2020Rewterz Threat Advisory – CVE-2020-6286 – Critical Vulnerability in SAP NetWeaver AS Java
July 14, 2020Severity
Medium
Analysis Summary
NanoCore is high-risk trojan, a remote access tool (RAT). In most cases, this malware is proliferated using spam email campaigns. Criminals send thousands of deceptive emails that contain malicious attachments. Once opened, these files immediately infect computers with viruses such as NanoCore. The presence of this malware can cause serious issues, since the malware distributor gains remote access to the infected system.
Impact
- Credential theft
- Exposure of sensitive information
Indicators of Compromise
URL
- http[:]//envoyemlak[.]com/msaudio[.]exe
- http[:]//abass[.]ir/bigmanx/dutyx[.]exe
- http[:]//crc2k18[.]mooo[.]com/rm82/crk/nan-crc[.]exe
- http[:]//mrgeek[.]pk/snllwd[.]exe
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.