Rewterz Threat Alert – Cobalt Strike Malware – Active IOCs
July 13, 2022
Rewterz Threat Advisory – Multiple VMware vRealize Log Insight Vulnerabilities
July 13, 2022
Severity
High
Analysis Summary
Conti ransomware was discovered in December 2019 and is delivered via TrickBot. It has been used against large companies and government institutions across the world, especially in North America. Conti steals important files and information from targeted networks and threatens to disseminate them unless the ransom is paid. Conti improves its performance by using “up to 32 simultaneous encryption operations,” and is very likely controlled directly by its operators. The ransomware can target network-based resources while ignoring local files. This capability lets it cause targeted harm in an environment in a way that might hinder incident response actions.
Indicators Of Compromise
MD5
- 641d7e44b87e88608443d6423937d983
SHA-256
- 904e0855772f56721cc157641a26bb7963651e5a45c3bb90764328b17081abd5
SHA-1
- 7e9f57de4eaf2fa3535c1b4f0c5fa1f33b3dd2ac
Impact
- File Encryption
- Cyber Espionage