Rewterz Threat Alert – Nanocore Rat – Active IOCs
August 17, 2021
Rewterz Threat Alert – Oski Data Stealer Malware – Active IOCs
August 17, 2021
Severity
High
Analysis Summary
Sodinokibi ransomware usually infects victims' systems via Microsoft Office documents. After encryption, a ransom note is left on infected systems. The ransomware usually demands a ransom of $850k or $1.7m to decrypt the files on the target system. It has re-emerged after a few months; earlier campaigns date back to July and August 2020. Recently, a few samples of Sodinokibi were found being distributed.
Impact
- File encryption
- Information theft
Indicators of Compromise
MD5
- 21e25d30d4258366c12f76cc1b534fd8
SHA-256
- 3c56d3fe6373d5b84074f214b883ca65685d04141ff829f73ff65531bf1f86ad
SHA-1
- 0c77e2d7c180a7923e7c1236e1f758cc9956e939
Remediation
- Block the threat indicators at their respective controls.
- Do not download files attached to untrusted emails.