Severity
Medium
Analysis Summary
Smokeloader is a popular bot and a veteran in its field. It is used mainly to load other malicious software, usually obtained from a third party. It can also load its own modules, which lets it carry out a variety of actions without external components. The seller of Smokeloader (known by the handle SmokeLdr) is active in providing this malware as a service to this date.
Impact
- Exposure of sensitive information
- Information theft
Indicators of Compromise
Remediation
- Exercise caution when receiving messages from unknown senders.
- Block all threat indicators at your respective controls.
- Keep your software updated with the latest patches.
- Search for IOCs in your respective controls.