Severity
High
Analysis Summary
FASTCash schemes remotely compromise payment switch application servers within banks to facilitate fraudulent transactions. Lazarus has previously used these FASTCash schemes as well for financial gain, targeting different banking sectors around the world.
Impact
Financial Loss
Indicators of Compromise
Remediation
- Block all threat indicators at your respective controls.
- Always be suspicious about emails sent by unknown senders.
- Never click on the links/attachments sent by unknown senders.