• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Advisory – CVE-2020-12695 – CallStranger Vulnerability
June 9, 2020
Rewterz Threat Alert – Emissary Panda APT Group – IOCs
June 9, 2020

Rewterz Threat Alert – Lazarus APT Group – IOCs

June 9, 2020

Severity

High

Analysis Summary

Following samples of Lazarus group, an state sponsored threat actor targeting financially organizations for their gains have been active again and actively targeting different organizations via phishing emails dropping malicious word documents which enables macro when downloaded and executed. Previously these campaigns were specifically crafted to target Russian organizations but now they’ve shifted their tilt towards Asia pacific region.

Impact

  • Credential theft
  • Financial loss
  • Exposure of sensitive information

Indicators of Compromise

MD5

  • 84aa5a019b9c50118a9a42a197358060
  • 2142739359fd0c614ffe3e2fcbc8c89d

SHA-256

  • 4dc302e1f7cf8bdc4983fdf02cf5b13bcd9314bb87953b9c6797187700192665
  • 4a4224f6c898ead010964627a9dcee369eb6205afc52a23253eb1eb7349b020a

SHA1

  • e6b4362f843437789b2d7854a390a372a28ffc9a
  • 9ca3d6e4c3efc58aa7775a68571e3933c32e43f4

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your respective environments.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.