November 20, 2023
Severity Medium Analysis Summary Agent Tesla is a very popular spyware Trojan built for the.NET framework. Since its initial appearance in 2014, this has been deployed […]
Rewterz Threat Alert – Nanocore – IoCs
November 27, 2020Rewterz Threat Alert – APT C-23 Active in Middle East
November 30, 2020Rewterz Threat Alert – Nanocore – IoCs
November 27, 2020Rewterz Threat Alert – APT C-23 Active in Middle East
November 30, 2020
Severity
High
Analysis Summary
The APT group known as StrongPity is back with a new campaign targeting users in different regions. The group has previously targeted financial, industrial and educational sectors for data exfiltration and to look out for any file or document from a victim’s machine. The group also known as Promethium and StrongPity, the earliest attack activity of the APT organization can be traced back to 2012 . The organization is mainly targeting Italy, Turkey, Belgium, Syria, Europe and other regions and countries to conduct attacks.
Impact
- Data exfiltration
- Exposure of sensitive data
Indicators of Compromise
MD5
- 36974f80c00cef2ddf862b6cf019e274
- 69f6ad487f8d63c60407f3e1bb3945df
SHA-256
- 0265e9f22753a574dcc0f20fdb1838aaf22ba17e8f2577d1d88a811ed1f6467b
- 0f4933ae0b67f03154f36c3e47acd5eece9b3872677a30fdaf22df952b96b704
SHA1
- 08316e35670e78053822eff1df1105bfc126e435
- b4a8dfc185c7c2ea6a195ece7ea8021ce705eb4a
Remediation
- Search for IOCs in your environment
- Block all threat indicators at your respective controls.