April 19, 2024
Proactive Defense: The Importance of Incident Response Planning in Cybersecurity
Rewterz Threat Alert – FunkyBot A New Android Malware Family
October 7, 2019Rewterz Threat Alert – PKPLUG Attacking Asia
October 7, 2019Rewterz Threat Alert – FunkyBot A New Android Malware Family
October 7, 2019Rewterz Threat Alert – PKPLUG Attacking Asia
October 7, 2019
Severity
High
Analysis Summary
FireEye recently reported on APT41, a Chinese state sponsored espionage group. The group has been documented as targeting healthcare, high-tech, and telecommunications companies for traditional corporate espionage purposes. Additionally this group has also targeted companies in the video game industry for financial gain. Crosswalk is a modular backdoor application that gathers system information and is capable of executing shell code in response to C2 messages.
Impact
Financial loss
Indicators of Compromise
Malware Hash (MD5/SHA1/SH256)
- db866ef07dc1f2e1df1e6542323bc672dd245d88c0ee91ce0bd3da2c95aedf68
- 300519fa1af5c36371ab438405eb641f184bd2f491bdf24f04e5ca9b86d1b39c
- 9d0ac935b9e0d6c86fc2904477638af6e4b68d020c2956912e5109cc6219c08f
- f6d0cd5b6aa6ccea3ba3cb63b26420f6579d4a07164944e1013e093c521c5687
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/ attachments sent by unknown senders.