Rewterz Threat Alert – STOP/DJVU Ransomware – Active IOCs
August 11, 2022
Rewterz Threat Advisory – CVE-2022-37393 – Zimbra Vulnerability
August 11, 2022
Severity
High
Analysis Summary
WannaCry, also known as WCry or WanaCryptor, is one of the most dangerous ransomware families. It first surfaced in a worldwide outbreak in May 2017 that affected over 150 nations and wreaked havoc on hospitals, banks, and telecommunication firms around the world. It has worm-like qualities and propagates through a computer network using EternalBlue, an exploit for an SMBv1 vulnerability. WannaCry encrypts user data and demands a Bitcoin payment to unlock it.
Impact
- File Encryption
Indicators of Compromise
MD5
- 0c694193ceac8bfb016491ffb534eb7c
SHA-256
- dbf3890b782ac04136c3336814eef97e3c0f4133f9592e882c131c179161b27b
SHA-1
- 3afa73283d1e17de1bde6cc14e19417e70fc9554
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.