Rewterz Threat Alert – AZORult Malware – Active IOCs
June 3, 2022
Rewterz Threat Alert – NJRAT – Active IOCs
June 3, 2022
Severity
High
Analysis Summary
Meterpreter, a trojan-type program, enables attackers to take control of affected machines remotely. This malware injects itself into compromised processes rather than creating new ones. Meterpreter can transmit and receive files, launch executable files, perform command shell operations, capture screenshots, and record keystrokes. The main objective of its distribution is either to generate revenue or to infect devices with additional malware. Infected email attachments, malicious online advertisements, and social engineering are some of its distribution methods. By sending, receiving, and executing files with Meterpreter, cyber thieves can infect victims’ systems with more malware, such as ransomware. Ransomware encrypts data, making it impossible for victims to use or access it unless they acquire decryption tools from the program’s creators. Theft of identity, banking information, and passwords is the main impact of this trojan.
Impact
- Information Theft
- File Encryption
Indicators of Compromise
MD5
- 6f78a108d4257e289030b8bebf6ddb8f
SHA-256
- 30723119a82a31c2b6039f5da4e2cd4f14c98e8b29b5039fad7986f27f73d0bd
SHA-1
- 40a3dea3f1e2fdd7ac8a1057b768daec41e3e01c
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.