Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | c7f404c5-8f9a-4896-963e-aed679a3b4aa |
| Fingerprint | a5960bcd8ecfaf4f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Sept. 22, 2022, 2:51 p.m. |
| Added to db | Dec. 19, 2024, 6:42 p.m. |
| Last updated | Dec. 19, 2024, 8:51 p.m. |
| Headline | Rewterz Threat Alert – Remcos RAT – Active IOCs |
| Title | Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz |
| Detected Hints/Tags/Attributes | 14/1/15 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 53 | machine.it |
|
| Details | md5 | 1 | d939bff9dad8eb49995a3ff86778977e |
|
| Details | md5 | 1 | d10f40f028e28a2afdfe8fa0c5a0a6e9 |
|
| Details | md5 | 1 | 45a141133ea90216158e0651e641fd1f |
|
| Details | md5 | 1 | f971bc24ec679d4a5f7367a80728ada7 |
|
| Details | sha1 | 1 | d04374e97d90a41ae508def54f972775e349a447 |
|
| Details | sha1 | 1 | b23419d499b968ef1f20c9f116d9c8c5fad8a510 |
|
| Details | sha1 | 1 | bf4904635ad87262bd2188ddac95b45956a4d1c4 |
|
| Details | sha1 | 1 | 5e214e4ecac52daa48cac2c3e90d4eacfdaa911d |
|
| Details | sha256 | 1 | 2362a806bc316abb7b8c8d163af1da642549a6617d0c6767ee93969b9bedea94 |
|
| Details | sha256 | 1 | db7e437d9b1df7818cd773e4874aede56f5252be045fc89921644f39eeff66a4 |
|
| Details | sha256 | 1 | 8938f080347aa0b5a42882e6c0262d32323fc6aa75810b2bbbd68467754c1a37 |
|
| Details | sha256 | 1 | 110190c8c696f2e357a9445c1ca65a574fff65388d384b859de1a717b651ed7c |
|
| Details | IPv4 | 4 | 209.127.20.13 |
|
| Details | Url | 1 | http://209.127.20.13/jubile.js |