Rewterz Threat Alert – Multiple Phishing Campaigns – Indicators of Compromise

March 19, 2019

Severity

Medium

Analysis Summary

The following threat indicators were retrieved from multiple malware and phishing campaigns. The malicious IPs and domains are involved in dropping various Trojans and other malware.

Impact

  • Olympic Destroyer
  • AutoIT malware

Remediation

  • Block the threat indicators at their respective controls.
  • Keep operating system patches up-to-date.
  • Never click on links or attachments sent by unknown senders.