
Rewterz Threat Alert – Malspam campaign dropping LokiBot Malware

January 4, 2019

SEVERITY: Medium

CATEGORY: Informative Updates

ANALYSIS SUMMARY

Another malspam campaign has been discovered dropping the LokiBot malware. Like the LokiBot campaign in December, this one also starts with malicious emails. However, the Indicators of Compromise retrieved from this campaign differ from those of the previous campaign.

Indicators of Compromise

URLs

  • hxxp://admin.snzadm[.]ru/js/?cliente=
  • hxxp://213[.]183[.]51[.]235/lawd/panel/fre.php

Email Addresses

  • info[@]email[.]18325
  • adib[@]impactspur[.]com

Malware Hash


Remediation

Please block the threat indicators at their respective controls.
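Blocking the indicators above at a proxy or mail gateway first requires refanging them (the advisory publishes them as hxxp, [.] and [@]) and checking existing logs for earlier contact. The following is an added example, not part of the advisory: it refangs the URLs and email addresses listed above, expands each URL into its host as well, and scans constructed proxy and MTA log lines for any of them.

```python
from urllib.parse import urlsplit

# Indicators copied from the advisory above, exactly as published (defanged).
DEFANGED_URLS = [
    "hxxp://admin.snzadm[.]ru/js/?cliente=",
    "hxxp://213[.]183[.]51[.]235/lawd/panel/fre.php",
]
DEFANGED_EMAILS = ["info[@]email[.]18325", "adib[@]impactspur[.]com"]

def refang(ioc: str) -> str:
    """Reverse the advisory's defanging (hxxp, [.], [@]) so values compare against real logs."""
    return (ioc.replace("hxxps://", "https://").replace("hxxp://", "http://")
               .replace("[.]", ".").replace("[@]", "@"))

def build_indicators(urls=DEFANGED_URLS, emails=DEFANGED_EMAILS):
    """Expand each URL into (url, host) so a proxy log that records only the host still matches."""
    indicators = []
    for u in urls:
        full = refang(u)
        indicators.append(("url", full))
        indicators.append(("host", urlsplit(full).hostname))
    for e in emails:
        indicators.append(("email", refang(e)))
    return indicators

def scan_logs(lines, indicators=None):
    """Return (line_no, kind, indicator) for every log line that contains a known indicator."""
    if indicators is None:
        indicators = build_indicators()
    hits = []
    for n, line in enumerate(lines, 1):
        low = line.lower()
        for kind, value in indicators:
            if value.lower() in low:
                hits.append((n, kind, value))
    return hits

# Constructed sample log lines (not from the advisory): two proxy records, one MTA record, one benign.
SAMPLE_LOGS = [
    "2019-01-04T10:12:00Z proxy src=10.0.0.12 url=http://admin.snzadm.ru/js/?cliente=7f3a action=allow",
    "2019-01-04T10:13:41Z proxy src=10.0.0.12 url=http://213.183.51.235/lawd/panel/fre.php action=allow",
    "2019-01-04T09:58:07Z mta from=adib@impactspur.com to=finance@corp.example subject=Invoice",
    "2019-01-04T10:00:00Z proxy src=10.0.0.9 url=https://www.example.com/ action=allow",
]

if __name__ == "__main__":
    for n, kind, value in scan_logs(SAMPLE_LOGS):
        print(f"line {n}: {kind} match on {value}")
```

A hit on the host alone (without the full URL) still warrants a look, since the C2 path may vary between samples while the host stays the same.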

COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.