November 20, 2023

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]

November 19, 2023

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

November 19, 2023

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Severity High Analysis Summary CVE-2023-40363 IBM InfoSphere Information Server 11.7 could allow an authenticated user to change installation files due to incorrect file permission settings. Impact […]

November 20, 2023

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]

November 19, 2023

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Severity High Analysis Summary The STOP/DJVU ransomware initially made headlines in 2018 and has since been attacking individuals all around the world. It’s widespread on torrent […]

November 19, 2023

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Rewterz Threat Alert – SLUB Backdoor Uses GitHub, Communicates via Slack

March 8, 2019

Rewterz threat Alert – Malspam NanoCore RAT Malware – IoCs

March 11, 2019

Rewterz threat Alert – Nymaim Malware – threat Indicators

March 11, 2019

Severity

Medium

Analysis Summary

Nymaim Malware has been spread through different phishing emails and dropping malicious url’s through .exe files and .docs files.

Impact

Nymaim malware infection

Indicators of Compromise

IP(s) / Hostname(s)	209.141.61[.]249 49.51.137[.]228
URLs	feustegeh[.]com jestowendo[.]com
Filename	(Vicky_Linsey_Resume.doc) (Vicky_Linsey_Resume.docm)
Malware Hash (MD5/SHA1/SH256)	2cc1db846ad6a94c17de63829f598ac11fc9307f3d61fd4406c2c9cb5977d17f 692d1d6f27420e4298cd6150625dcbca36edc7ab09c90cae4b1e0e6d82ed4dd1 c1c025a386c824332f43e6ab418288b07c186e1ee80312ade999fab867c6f2f5

Remediation

Block threat indicators at your respective controls
Always be suspicious of the emails sent by unknown senders
Never click on the links/ attachments sent by unknown users/senders

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Platform

Managed Security Services

Managed Penetration Testing

Assess

Transform

Train

Respond

Resources

Rewterz Threat Alert – Agent Tesla Malware – Active IOCs

Rewterz Threat Alert – STOP (DJVU) Ransomware – Active IOCs

Rewterz Threat Advisory – CVE-2023-40363 – IBM InfoSphere Information Server Vulnerability

Threat Insights

About Us

Our Leadership

CSR

Connect with Us

Rewterz Threat Alert – SLUB Backdoor Uses GitHub, Communicates via Slack

Rewterz threat Alert – Malspam NanoCore RAT Malware – IoCs