Rewterz Threat Alert – DangerousPassword APT Group – Active IOCs
October 2, 2022
Rewterz Threat Alert – Chaos Ransomware – Active IOCs
October 2, 2022
Severity
High
Analysis Summary
WannaCry, also called WCry or WanaCrypt0r, is ransomware that encrypts all of a victim's data files and demands a ransom payment, usually in bitcoin, to restore the stolen information. WannaCry is one of the most dangerous pieces of malware ever used in cyberattacks. The attackers behind WannaCry use a tool called EternalBlue to exploit a vulnerability in the Windows Server Message Block (SMB) protocol. WannaCry has caused serious disruptions in the healthcare and financial sectors and locked users out of their data.
Impact
- File Encryption
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.