Rewterz Threat Advisory – Multiple Cisco Vulnerabilities
April 7, 2022
Rewterz Threat Alert – APT MustangPanda – Active IOCs
April 7, 2022
Severity
High
Analysis Summary
WannaCry, also called WCry or WanaCryptor, is ransomware that encrypts all of your data files and demands a ransom payment, usually in bitcoin, to restore them. WannaCry is one of the most dangerous pieces of malware ever used in cyberattacks. The attackers behind WannaCry use a tool called EternalBlue to exploit a vulnerability in the Windows Server Message Block (SMB) protocol. WannaCry has caused serious disruptions in the healthcare and financial sectors and locked users out of their data.
Impact
- File Encryption
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.