• Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – EasyJet Airlines 9 million travel records taken in data breach
May 19, 2020
Rewterz Threat Advisory – ICS: Rockwell Automation EDS Subsystem Denial of Service Vulnerability
May 20, 2020

Rewterz Threat Alert – Lazarus FastCash – IOCs

May 20, 2020

Severity

High

Analysis Summary

FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. Lazarus has been targeting this fastcash schemes previous aly as well for their financial gains and targeting different banking sectors around the world.

The newly identified file is a dynamic link library (DLL) backdoor likely used by the threat actors to obtain remote access to a targeted machine. 

Impact

Financial loss

Indicators of Compromise

MD5

98c1ecc4aed0099fb8c797b1ce72f3c0

SHA-256

333b4da636271f57c2f16acba9adc389c66fc4d7e215050f0e4f50218b52c979

SHA1

241531a971e41dee5023798b736e2e2151b405d7

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your existing environments.
  • Services
    • Asses
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Blue Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.