Rewterz Threat Advisory –CVE-2021-30591 – Google Chrome Security Vulnerability
August 12, 2021Rewterz Threat Alert –Dharma Ransomware – Active IOCs
August 12, 2021Rewterz Threat Advisory –CVE-2021-30591 – Google Chrome Security Vulnerability
August 12, 2021Rewterz Threat Alert –Dharma Ransomware – Active IOCs
August 12, 2021Severity
High
Analysis Summary
Xloader Malware is next in line to another well-known Windows-based info stealer called Formbook that’s known to void credentials from web browsers and other web-based applications, gather screenshots, log keystrokes, and execute files from attackers controlled domains. Xloader is distributing via spoofed emails containing malicious file attachments of Microsoft documents and infecting about 69 countries. Between December 1, 2020, and June 1, 2021, with 53% of the infections reported in the U.S. alone, followed by China’s special administrative regions (SAR), Mexico, Germany, and France.
Impact
- Credential Theft
- Infostealer
- Keylogging
Indicators of Compromise
SHA-256
- e8ec283990b2708cd8f2fab9851f033faa727881b630ea4d32d57217096a884b
URL
- http[:]//3[.]250[.]217[.]244/www
Remediation
- Block all threat indicators at your respective controls.
- Search for IOCs in your environment.