• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – CryptBot Trojan – Active IOCs
January 2, 2023
Rewterz Threat Alert – GandCrab Ransomware – Active IOCs
January 2, 2023

Rewterz Threat Alert – MeterPreter Malware – Active IOCs

January 2, 2023

Severity

High

Analysis Summary

Meterpreter – a trojan-type program – enables attackers to take control of affected machines remotely. This malware injects itself into compromised processes rather than creating new ones. Meterpreter can be utilize to send and receive files, launch executable files, perform command shell operations, capture screenshots, and record keystrokes. The main objective of its distribution is either to generate revenue or infect devices with additional malware. Infected email attachments, malicious online advertisements, and social engineering are some of its distribution methods. Threat actors can infect victims’ systems with more malware, such as ransomware, by sending, receiving, and executing files using Meterpreter. Ransomware encrypts data, making it impossible for victims to use or access it unless they acquire decryption tools from the program’s creators. Identity theft, banking information, and password theft are the main impact of this trojan.

Impact

  • Information Theft 
  • File Encryption

Indicators of Compromise

MD5

  • 365342f8883f5b865f1aabeec9f652b8
  • 7a0151a72581e590799407d387a7d96a

SHA-256

  • 56ffb6689642f5d25968398446c39ff3bd3fab8afaf319aa3893ff6320cd1f4e
  • b453f1da208afbdd85aa53d2c707b02f9342485f32de9a171419347743c90cd9

SHA-1

  • 43faf3cd7d209a5503a2da9e5ee8bbffce9b1225
  • d2fcd34cb76af2e8f1a5638e99fde039c0a0efa7

Remediation

  • Search for IOCs in your environment.
  • Block all threat indicators at your respective controls.
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.