Severity
High
Analysis Summary
Xloader is the successor to Formbook, a well-known Windows-based information stealer that steals credentials from web browsers and other web-based applications, captures screenshots, logs keystrokes, and downloads and executes files from attacker-controlled domains. Xloader is distributed via spoofed emails carrying malicious Microsoft Office document attachments. Between December 1, 2020, and June 1, 2021, infections were reported in about 69 countries, with 53% of them in the U.S. alone, followed by China's special administrative regions (SARs), Mexico, Germany, and France.
Impact
- Credential Theft
- Infostealer
- Keylogging
Indicators of Compromise
MD5
- e5bb32287e7070903a4bac85fd97d213
- 90112a3f154b07a82e5ea523e7631f20
SHA-256
- 467f389d5a13b96d6afcfbcea98d2a7360f02d7dc6f24e493563a0967378ddca
- e98706b7597c00c854c61d51a05413681020c6096024aee23e924b6eeaee2a5d
SHA-1
- d05a26bb4baf301b2c27386b52c55b591ea9e628
- e2d32fef75f06b1301c80e7767177d4597696edb
Remediation
- Block the file hashes listed above at your respective controls (endpoint protection, mail gateway, proxy).
- Search for these IOCs in your environment and treat any hit as an active infection.
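The following is an added example of how the "search for IOCs in your environment" step can be carried out on a host; it is not code from the Rewterz advisory. It walks a directory tree, computes MD5, SHA-1 and SHA-256 of every regular file in a single pass, and reports any file whose digest matches the hashes published above. The IOC values are copied verbatim from the advisory; the directory to scan is a command-line argument, and the hashing and matching logic is an assumption of this example, not a description of any Rewterz tooling.

```python
import hashlib
import sys
from pathlib import Path

# File-hash IOCs copied from the advisory above (MD5, SHA-1, SHA-256).
XLOADER_IOCS = {
    "md5": {
        "e5bb32287e7070903a4bac85fd97d213",
        "90112a3f154b07a82e5ea523e7631f20",
    },
    "sha1": {
        "d05a26bb4baf301b2c27386b52c55b591ea9e628",
        "e2d32fef75f06b1301c80e7767177d4597696edb",
    },
    "sha256": {
        "467f389d5a13b96d6afcfbcea98d2a7360f02d7dc6f24e493563a0967378ddca",
        "e98706b7597c00c854c61d51a05413681020c6096024aee23e924b6eeaee2a5d",
    },
}


def hash_file(path, chunk_size=1 << 20):
    """Return {algo: hexdigest} for one file, reading it once in 1 MiB chunks
    so large files do not have to fit in memory."""
    hashers = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def scan_directory(root, iocs=XLOADER_IOCS):
    """Walk `root` recursively and return a list of (path, algo, digest)
    for every regular file whose digest appears in `iocs`.

    Symlinks are skipped so a link pointing outside `root` is not followed,
    and unreadable files are skipped rather than aborting the whole sweep.
    """
    wanted = {algo: {d.lower() for d in digests} for algo, digests in iocs.items()}
    hits = []
    for path in Path(root).rglob("*"):
        if path.is_symlink() or not path.is_file():
            continue
        try:
            digests = hash_file(path)
        except OSError:
            continue  # locked, permission denied, vanished mid-scan, etc.
        for algo, digest in digests.items():
            if digest in wanted.get(algo, set()):
                hits.append((str(path), algo, digest))
    return hits


if __name__ == "__main__":
    # Usage: python xloader_ioc_scan.py /path/to/scan
    target = sys.argv[1] if len(sys.argv) > 1 else "."
    matches = scan_directory(target)
    for file_path, algo, digest in matches:
        print(f"MATCH {algo} {digest} {file_path}")
    sys.exit(1 if matches else 0)
```

Hash matching only finds the exact samples listed; a repacked or recompiled Xloader build will have different digests, so treat this as a first sweep for the known samples and pair it with EDR telemetry for the behaviours the advisory describes (keylogging, browser credential access, downloads from attacker-controlled domains). The script exits non-zero on any hit so it can be dropped into a cron job or a fleet-wide orchestration task.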