July 2, 2021
Severity
Medium
Analysis Summary
Smokeloader is a popular bot and a veteran in its field. It is used mainly for loading other malicious software, usually obtained from a third party. It can also load its own modules, which lets it carry out a variety of actions without external components. The seller of Smokeloader (known by the handle SmokeLdr) is still active in providing this malware as a service.
Impact
- Exposure of sensitive information
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls
- Keep your software patched and up to date
- Exercise caution when receiving messages from unknown third parties