Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz
Tags
| attack-pattern: | Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | cd8045db-f2e9-4290-9cbb-4ec696ba403a |
| Fingerprint | 85966bcd8687ce4f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 12, 2022, 1:36 p.m. |
| Added to db | Dec. 19, 2024, 10:06 a.m. |
| Last updated | Dec. 20, 2024, 3:58 p.m. |
| Headline | Rewterz Threat Alert – Remcos RAT – Active IOCs |
| Title | Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz |
| Detected Hints/Tags/Attributes | 18/1/13 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 53 | machine.it |
|
| Details | md5 | 1 | 3a3bfb3ab5fa0e2aa5ad155f48af983f |
|
| Details | md5 | 1 | 75f396338d6ee42469ca52c3452d111c |
|
| Details | md5 | 1 | 74b57d3af4e8455c06ae76a5f3477a7d |
|
| Details | sha1 | 1 | 0f6a8151de1fe379960ba564ad7a649e25742eef |
|
| Details | sha1 | 1 | c93e82a8a03815620509f6041a23f9c73640c3c8 |
|
| Details | sha1 | 1 | 4cd5c2df519d911923975c23c0597ac3276f485e |
|
| Details | sha256 | 1 | d4a047e9050069db2d1bfba78082c935bb57b5b9f513f342da112a16805ae411 |
|
| Details | sha256 | 1 | 84e7aa86929ecd6b06c897a9bd81a6a4a46eef42a688af1696d5fedac3b97dba |
|
| Details | sha256 | 1 | 57b23c428f334fda0c5b2ca06aa560c7834d004d5c4a60b6746c946a4d0dcdc6 |
|
| Details | IPv4 | 1 | 66.154.103.196 |
|
| Details | Threat Actor Identifier - APT | 301 | APT32 |
|
| Details | Url | 1 | http://66.154.103.196/frost.vbs |