Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
Tags
country: U.S. Virgin Islands
attack-pattern: Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting
Show in Graph
Common Information
Type Value
UUID 1444102f-19c2-4531-b94d-91148476737c
Fingerprint a4262811ac7f8fd5
Analysis status DONE
Considered CTI value 2
Text language
Published Oct. 24, 2023, 11:03 a.m.
Added to db Oct. 31, 2023, 12:28 p.m.
Last updated Nov. 17, 2024, 12:57 p.m.
Headline Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
Title Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
Detected Hints/Tags/Attributes 60/2/14
Source URLs
Redirection Url
Details Source https://www.rewterz.com/rewterz-news/rewterz-threat-alert-an-emerging-ducktail-infostealer-active-iocs-20/
URL Provider
Details Provider Source level domain
Details rewterz.com www.rewterz.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 365 https://www.rewterz.com/feed 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details File 8 
libbridged.exe
Details File 96 
wallet.dat
Details md5 1 
1cdcd6dedd0745d9f58ca557ffd2b2b6
Details md5 1 
953e5f3a1ac9b68e85dde95d5594fc6d
Details md5 1 
5c83d699c63ec232ee295958c9b7b875
Details md5 1 
009652e9b7105ae131ef792dd2ec0f83
Details sha1 1 
fe050935a85c9ae5031e8130f388302189224fb8
Details sha1 1 
63dcc03c24de9db31e739a75a9ae39c30fa768ec
Details sha1 1 
e58858af9bc7e4e10321e35d25dbe038918fd855
Details sha1 1 
920f54fae332625b32f94f42f7b22647af7e081e
Details sha256 1 
f3fd5dbb5a9e8fdcd3fd7f33151d7dad06d85b9b4c266e7d86bc1c6c37fa9d3e
Details sha256 1 
34f13c3634864733512ac69407411e16cb3739329b2e65bdfd1458901a62f42c
Details sha256 1 
676903c4e2cab6de26d2d28e7efb55e65c64e7e7da0381f58fb3900921963168
Details sha256 1 
7b00550be05be0a4984854a75b97a13a42fe034df4f2decdd465bfb1270c47bd