Rewterz Threat Alert – Cryptomining Worms Steals AWS Credentials - Rewterz
Tags
attack-pattern: | Data Credentials - T1589.001 Html Smuggling - T1027.006 Malware - T1587.001 Malware - T1588.001 Server - T1583.004 Server - T1584.004 Tool - T1588.002 Rootkit - T1014 Rootkit |
Common Information
Type | Value |
---|---|
UUID | ccbd3e58-da10-4c9b-9afd-23d051486372 |
Fingerprint | 898285cbec87851f |
Analysis status | DONE |
Considered CTI value | 2 |
Text language | |
Published | Aug. 19, 2020, 11:30 a.m. |
Added to db | Dec. 19, 2024, 7:29 p.m. |
Last updated | Dec. 19, 2024, 7:30 p.m. |
Headline | Rewterz Threat Alert – Cryptomining Worms Steals AWS Credentials |
Title | Rewterz Threat Alert – Cryptomining Worms Steals AWS Credentials - Rewterz |
Detected Hints/Tags/Attributes | 28/1/33 |
Attributes
Type | #Events | CTI | Value |
---|---|---|---|
CVE | 3 | | cve-2020-6556 |
Domain | 6 | | punk.py |
File | 6 | | punk.py |