ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs

Tags

country:	U.S. Virgin Islands
attack-pattern:	Data Credentials - T1589.001 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Scripting - T1064 Scripting

Show in Graph

Common Information

Type	Value
UUID	31ac82be-22a5-43ac-806b-7a7302bf6336
Fingerprint	a5b62851ba7f8fd5
Analysis status	DONE
Considered CTI value	2
Text language
Published	Nov. 14, 2023, 7:52 a.m.
Added to db	Nov. 20, 2023, 9:25 a.m.
Last updated	Nov. 17, 2024, 12:57 p.m.
Headline	Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
Title	Rewterz Threat Alert – An Emerging Ducktail Infostealer – Active IOCs
Detected Hints/Tags/Attributes	63/2/17

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-an-emerging-ducktail-infostealer-active-iocs-22/

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	365	✔	—	https://www.rewterz.com/feed	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	File	8		libbridged.exe
Details	File	96		wallet.dat
Details	md5	1		8f1c5d99fc8549209ce5b63f316b5720
Details	md5	1		8272a754e1d4377e638f144587fabe8d
Details	md5	1		f22de283a40f415799ca81e6491aa553
Details	md5	1		b703e4deff72e5029fc3c37875c4b66d
Details	md5	1		0cf6e7854637b4f950b4522b2c440888
Details	sha1	1		bcccb3db6927a682f188c188f3100f9e7fd90987
Details	sha1	1		28d721a6535f03b86a23642345ca46ea6a442848
Details	sha1	1		5866d4cac682c92af1cf118284f684e5e2f63df6
Details	sha1	1		cb4ab3a997c623f5a9a6d025b672d093b93515fb
Details	sha1	1		9abecba4c7cb10b8b70c4e9c9458db896adc707e
Details	sha256	1		f63a104f04a335e66e77aff6a69641f2015b6fe0ddff4af3b7675ec90779dd98
Details	sha256	1		401043cffb3db874ea4fd86aa6899585f0f2ae540675eacd67924c06f446374b
Details	sha256	1		9fa992ddd7d56d13558ecfd4874e5bed2dea1c7311c317893b52922f88978bb2
Details	sha256	1		668f57ea3d2ce67ecf2d22bf6e26daebb88ee701b8135c43c096392651bcbeec
Details	sha256	1		8e17b380841896856538b7cfed0bef8c1ccbd1df58be2113b1ee3b2bd103a2cc