Severity
High
Analysis Summary
A new Mirai variant called mirai_pteamirai is making the rounds. This botnet is one of the significant botnets targeting exposed networking devices running Linux. Mirai means ‘future’ in Japanese. It is one of the active botnets and is used to cause DDoS conditions. IP cameras, home routers, and other IoT devices are its common targets.
Impact
- Server Outage
- Data Loss
- Website Downtime
Indicators of Compromise
Remediation
- Upgrade your operating system.
- Don’t open files and links from unknown sources.
- Install and run anti-virus scans.