Rewterz Threat Alert – SNAKE Ransomware – Active IOCs
November 2, 2021
Rewterz Threat Alert – Amadey Botnet – Active IOCs
November 2, 2021
Severity
Medium
Analysis Summary
Smokeloader is a popular bot and a veteran in its field. It is used mainly for loading other malicious software, usually obtained from a third party. It can also load its own modules, which lets it conduct a variety of actions without external components. The seller of Smokeloader (known by the handle SmokeLdr) is still active in providing this malware as a service to this date.
Impact
- Information Theft
- Exposure of Sensitive Data
Indicators of Compromise
Remediation
- Exercise caution when receiving messages from unknown senders.
- Block all threat indicators at your respective controls.
- Keep your software updated to the latest patches.
- Search for IOCs in your environment.