Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
September 14, 2021Rewterz Threat Alert – Lazarus APT Group – Active IOCs
September 14, 2021Rewterz Threat Alert – Dridex Banking Trojan – Active IOCs
September 14, 2021Rewterz Threat Alert – Lazarus APT Group – Active IOCs
September 14, 2021Severity
High
Analysis Summary
Redline the data burglar of users’ confidential information from web browsers and by installing malicious software this redline stealer can harm the operating systems. The malware appeared in March 2020 according to the Proofpoint investigation. During the COVID-19 pandemic, redline spread across many countries and it is still active to achieve its purpose by stealing passwords, credit card information, username, location, autofill data, cookies, software set, and even hardware configuration like keyboard layout, UAC settings, etc.
Impact
- Credential Theft
- Unauthorized Access
Indicators of Compromise
MD5
- 26ec7418203795762f728e143977d350
- b1f48f2f41297895014e66eca0017343
- 70bf0ef21896874932a8a0de0810196a
- 5451226b27c7b1e06423448ffcdc2a68
SHA-256
- 338624127da652feafe2bb0f900026b970815cd68001921dd62f0877acdb2058
- a6876f1c666576ddea4b4c4f7d4ade1c98154e3ea63a711beee37bfa9a5467d1
- b40bc2a7ec87021c7ace8a7cec4497845f75cbcbef0e063ae9de8b4c1b7820d3
- 57cfc3a9d6712e50366644ee77fd3f7be4b7d2108c555d679095466d2fa44370
SHA-1
- 8a1a9c290eec1bca7cb8a4e7a9cc07f3fb8914ef
- ab40f3dd2113a67f8789ee99c5002acb93c04820
- f03f1772c0e6364921da42011bfc877bf0b70446
- 4555681bf902063e4a07f13cf9de13cddf3251c1
URL
- https[:]//crackit[.]org/revo-uninstaller-pro-crack-license-key/
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.