• Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Transform
      • SOC Consultancy
      •     SOC Maturity Assessment
      •     SOC Model Evaluation
      •     SOC Gap Analysis
      •     SIEM Gap Analysis
      •     SIEM Optimization
      •     SOC Content Pack
    • Train
      • Security Awareness and Training
      • Tabletop Exercise
      • Simulated Cyber Attack Exercises
    • Respond
      • Incident Response
      • Incident Analysis
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Press Release
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
Rewterz Threat Alert – Wanna Cryptor aka WannaCry Ransomware – Active IOCs
November 28, 2022
Rewterz Threat Alert – Cobalt Strike Emerging Malware Campaign – Active IOCs
November 29, 2022

Rewterz Threat Alert – Tofsee Malware – Active IOCs

November 28, 2022

Severity

High

Analysis Summary

Tofsee malware has been around since 2016. Once installed on a compromised computer, it can be used to send spam emails and gather user data. The malware has the ability to download more modules to carry out different activities. It can track users’ online activities, steal personal information and credentials, and change browser and DNS settings. Tofsee can be distributed via email as attachments or by bundling it with other programs. This malware can cause major damage, such as financial loss and computer infections. It is used by cybercriminals to generate as much revenue as possible. The program is likely to install unintentionally, causing a slew of issues for both the system and other users.

Impact

  • Information Theft
  • Credential Theft
  • Crypto-Mining

Indicators of Compromise

MD5

8dd4683ef330a01ad4bddb235e0ce979
d7b532fd7066605a504931c662e7d2ac
f970733c13892354f2e10f29ca7f909e

SHA-256

989d463e7bcb0d447f535907afa609bda02b1a4d890ca346412c2e88e0825a06
2a38da153b5d1b2bfe12cabad4cdc99a2c1689d0161e796559b5ea72d241defe
92cf607ad69e45d21301f6735fa0fd48ea7a96c8e7607e0704972e5e1f177aa5

SHA-1

01752bc920bce549e420294513c613bd07c731c7
bba937bda24e6cd81d8ec324dfa60b15c39ef205
6428b3198b95912f89a0504fc508ecd241c4d992

Remediation

  • Block all threat indicators at your respective controls.
  • Search for IOCs in your environment.
  • Services
    • Assess
      • Compromise Assessment
      • APT Assessment
      • Penetration Testing
      • Secure Architecture Design & Review
      • Red Team Assessment
      • Purple Team Assessment
      • Social Engineering
      • Source Code Review
    • Respond
      • Incident Response
      • Incident Analysis
  • Transform
    • SOC Consultancy
    •     SOC Maturity Assessment
    •     SOC Model Evaluation
    •     SOC Gap Analysis
    •     SIEM Gap Analysis
    •     SIEM Optimization
    •     SOC Content Pack
  • Train
    • Security Awareness and Training
    • Tabletop Exercise
    • Simulated Cyber Attack Exercises
  • Managed Security
    • Managed Security Monitoring
      • Remote SOC
      • Onsite SOC
      • Hybrid SOC
    • Managed Security Services
      • Managed Detection and Response
      • Managed Endpoint Detection and Response
      • Managed Threat Intelligence
      • Managed Threat Hunting
      • Managed Risk-Based SOAR
      • Managed Penetration Testing
  • Solutions
  • Resources
    • Blog
    • Threat Advisory
  • Company
    • About Us
    • Careers
    • Contact
COPYRIGHT © REWTERZ. ALL RIGHTS RESERVED.