Rewterz Threat Alert – Ursnif Banking Trojan – Active IOCs
April 4, 2022
Rewterz Threat Alert – Agent Tesla Malware – Active IOCs
April 4, 2022
Severity
High
Analysis Summary
A maldoc named “Updated Brochure.ppt” has been observed in Pakistan. The maldoc could be a heuristic virus that may infect systems and disable antivirus software. Since the maldoc impersonates “Pakistan Science Expo-2022,” it is highly likely that it uses this theme for initial infiltration.
Impact
- Data Theft
- File Encryption
Indicators of Compromise
Filename
- Updated Brochure[.]ppt
MD5
- b76ec0e8ebe9c2f5474a3623cca70708
SHA-256
- 50dfd84cc759c62b0b8830c585f45026ef66465e90b1ff3a77204c456660e971
SHA-1
- 5b47949116967c03e258022dd014415ac9910071
Remediation
- Search for IOCs in your environment.
- Block all threat indicators at your respective controls.