• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Malware Masquerading as Privacy Tool – Active IOCs
July 5, 2021
Rewterz Threat Alert – Lokibot Malware – Active IOCs
July 5, 2021

Rewterz Threat Alert – Sodinokibi Ransomware – IoCs

July 5, 2021

Severity

Medium

Analysis Summary

Sodinokibi ransomware usually targets victims, infecting systems via Microsoft Office documents. After encryption, a ransom note is found on infected systems. The ransomware usually demands a ransom of $850k or $1.7m for decrypting the files on the target system. The ransomware has re-emerged in cyberspace after a few months, earlier campaigns dating back to July and August 2020. Recently, few samples of Sodinokibi were found being distributed.

Impact

Files encryption
Information theft

Indicators of Compromise

SHA-256

  • d1665df9944daed8e43c19800be247316647fbccf6d87745bf530ce7b47a47e6
  • 8ad0277fb2d7b89c39b36879fc9d45677e24b0453eb6d696c53d03c2c87f8ac9
  • 58597c93cb3105796021080c936e15df3f4c4e690ac171e5413e565cc68893ee
  • 699149cba186ac9a3b9751585c0af7bd9ffeec6da8c5457917009b262f0123e0
  • e531055e4eccb9fce25e53b62c346eb2a923e38822311d2fb9a74b198553c6f4
  • b90507e4cb309c60e3498d65b5d0d4075f21975a1a41663211688a4f22803762
  • 824f4441df0fe3961bcfe8e044a69b0edc6b16c44ca14e30f26a184027cdfa10
  • 1f08cc17803197572203c4181612d681071d43d14de5d4b6a9b8c8d08002f454
  • b0b2db0bcaf6d68855220ee9c5b2c263804e576bc7dbc86bd4f6942001ccd302
  • 13f75bd01bab699a5073901cdc7b9f3b3c1065d28e4797b7c8176292f1e351f3
  • cfb840906f26b743904494dcde8cbac4643c89d07eed1d152812a550a6875f16
  • 33af2e69bac76993e6c47e43051837d4643a252ef0454e7179f2d302979926c8
  • 4bdc9a2a5f8cc96ad59a27f5b3867dff160771f871bef421e3fa5beeec3e3898
  • 626dff7c4bb58aec31b89f0601650ef80d8e7fc78df17ca7bc8dbc33fe55df64
  • 3601ea802259efc131664ac538f6ede0cb72d0041c7aaa1a887938295489b24c
  • f450060a34bac7477fd7001ba8d700d4dbc2fb246e6a0195a12a1e9fc5b595b4
  • 6b9da879de6eeb937660df3c0bfea80290eb7da5c69ff4335d496b3f95a0265d
  • 8b9d662ddb0fb85d0557f9c78d52621ab43f681e92df2f0119627864adefaa72
  • f022c61241b5e9401b370ef28e67f58830f559f92180854fa750f1287d2ecb25
  • a58ec4a58c6d2883e21b2b4d7d68862fad56203bf00dc755bc6946c2170d0603
  • 809829ae6d97790c95a1a65f3ce102ce5bc94df988d758bcf2a4cc4aebc98c14
  • 51a96d83d31ca8dc575c554cf6aff78ec4a63ee88b90d378d3dfc045ab593fd9
  • cdc62597a680d2a85cb25367bb949f01c0250354683bd783249a30d04d5ca0c1
  • f963a18cfddd5931c7dedeb1e101298d062c42a9254664f9c20c1a12157cb49a
  • afd4568a2511bd2186ebd9787f58d6f6904589c15e7d7a9f12305620a6ca09fe
  • 227d0f69735d37fb5a432b8d35fb0c198aa0cd33bc267e862dbd15687d1519ed
  • d1520b650624e27b6b555b04b9718c4a247a533f0410a4dee53e68218449f37a
  • 024a911872484967095509b28ad447549b960c3a8c1ff6e07a9c81c6b5d55914

Remediation

  • Block the threat indicators at their respective controls.
  • Do not download files attached in untrusted emails.
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.