Rewterz Threat Alert – Remcos RAT – Active IOCs
August 17, 2022Rewterz Threat Alert – AveMaria RAT – Active IOCs
August 17, 2022Rewterz Threat Alert – Remcos RAT – Active IOCs
August 17, 2022Rewterz Threat Alert – AveMaria RAT – Active IOCs
August 17, 2022Severity
High
Analysis Summary
WannaCry – aka WCry or WanaCrptor – is one of the most dangerous ransomware infections that initially surfaced in a worldwide strike in May 2017, affecting over 150 nations. This ransomware outbreak in 2017 wreaked havoc on hospitals, banks, and telecommunication firms all around the world. It has worm-like qualities and uses the SMBv1 vulnerability EternalBlue to propagate through a computer network. WannaCry encrypts user data and demands a Bitcoin payment in order to unlock them.
Impact
- File Encryption
Indicators of Compromise
MD5
- 4d9c771619255c9b937c34b4c50cec7e
SHA-256
- adb41a37499a6f0f5b1e58b1973367dd34a695293dc1fed601c79d21fd0754c1
SHA-1
- 55177cd9cefc6369db31b23e324d3263b4d4e6a6
Remediation
- Block all threat indicators at your respective controls
- Search for IOCs in your environment.