Rewterz Threat Advisory – ICS: Siemens SIMATIC CP 442-1 and CP 443-1 RNA Vulnerability
May 11, 2022
Rewterz Threat Advisory – CVE-2022-29885 – Apache Tomcat Vulnerability
May 12, 2022
Severity
Medium
Analysis Summary
The Ramnit malware has numerous variants, which may individually be categorized as trojans, viruses, or worms. The first Ramnit variants, discovered in 2010, were viruses that infected .exe, .dll, and .html files found on a computer. Later variants added the ability to steal confidential data from the infected machine. Depending on the variant, Ramnit-infected machines can also be enslaved in a botnet.
Impact
- Information Theft
- Exposure of Sensitive Data
- Credential Theft
Indicators of Compromise
Remediation
- Block the threat indicators at their respective controls.
- Search for IOCs in your environment.