ioc[.]one - OSINT Cyber Threat Intelligence Database

Rewterz Threat Alert – UAC-0050 Threat Group Distributes Remcos RAT Using New Phishing Tactics – Active IOCs - Rewterz

Tags

country:	Israel Poland
maec-delivery-vectors:	Watering Hole
attack-pattern:	Data Botnet - T1583.005 Botnet - T1584.005 Malware - T1587.001 Malware - T1588.001 Mshta - T1218.005 Phishing - T1660 Phishing - T1566 Powershell - T1059.001 Server - T1583.004 Server - T1584.004 Software - T1592.002 Vulnerabilities - T1588.006 Mshta - T1170 Powershell - T1086

Show in Graph

Common Information

Type	Value
UUID	e44a4044-2e6e-41cf-bb2d-6b648aeb28fc
Fingerprint	a5ae8dcc239f9b54
Analysis status	DONE
Considered CTI value	2
Text language
Published	Jan. 4, 2024, 10:58 a.m.
Added to db	Dec. 19, 2024, 7:14 a.m.
Last updated	Dec. 25, 2024, 4:36 a.m.
Headline	Rewterz Threat Alert – UAC-0050 Threat Group Distributes Remcos RAT Using New Phishing Tactics – Active IOCs
Title	Rewterz Threat Alert – UAC-0050 Threat Group Distributes Remcos RAT Using New Phishing Tactics – Active IOCs - Rewterz
Detected Hints/Tags/Attributes	48/3/39

Source URLs

	Redirection	Url
Details	Source	https://www.rewterz.com/rewterz-news/rewterz-threat-alert-uac-0050-threat-group-distributes-remcos-rat-using-new-phishing-tactics-active-iocs

URL Provider

Details	Provider	Source level domain
Details	rewterz.com	www.rewterz.com

Attributes

Details	Type	#Events	Value
Details	CERT Ukraine	47	UAC-0050
Details	CVE	3	cve-2023-44807
Details	Domain	2	new-tech-savvy.com
Details	File	545	mshta.exe
Details	File	2	ofer.docx
Details	File	2	word_update.exe
Details	File	2	fmtask_dbg.exe
Details	File	2339	cmd.exe
Details	md5	2	56154fedaa70a3e58b7262b7c344d30a
Details	md5	2	9b777d69b018701ec5ad19ae3f06553f
Details	md5	2	7c05cfed156f152139a6b1f0d48b5cc1
Details	md5	2	7f87d36c989a11edf0de9af392891d89
Details	md5	2	f5ee6aa31c950dfe55972e50e02201d3
Details	md5	2	5c734bb1e41fab9c7b2dabd06e27bc7b
Details	md5	2	8158b43f745e0e7a519458b0150e1b61
Details	md5	2	f71ef85824f906856cb3d2205058bdd2
Details	md5	2	8bebea01d914a3c3a2d876417f7d1d54
Details	md5	2	b1f8484ee01a7730938210ea6e851888
Details	sha1	1	31ba4f7a41dda57b4d10ebbc020db9c17012f17c
Details	sha1	1	f2d8bce46e8df36013b89e4de8bca66e3cf0de3e
Details	sha1	1	a9bc862f7143a3e34ba420d624f81a9efd1516fc
Details	sha1	1	e644bc7774cfd1beecea50fb47b8ffd32b092c30
Details	sha1	1	502bbd516526e579b2b0d0a5aaef0a66659e7fbb
Details	sha1	1	1bee4d678beb8928377fbc112eade1af5ec30295
Details	sha1	1	09f678acd0ecb99e22e069661edf4fda8457e496
Details	sha1	1	f20d2dcdd6303ed23bfe9dcffe3736a6de660a74
Details	sha1	1	5089adac80acd2d36ad9cb1cce0e4a544474269e
Details	sha1	1	4ab9c910cfc9690b7f54eba83e30bc1fe6984297
Details	sha256	1	f650a9f1930e55e405d7121c56b90a996ab213a05b772a8f02ceb1cdbeb91165
Details	sha256	1	8963e1c87200d0b900f558c1968428dc3a1f05748ddeff0150297aa33d14ff88
Details	sha256	1	e4615b74d62f384d23e58bc467c615b17779e4f8084c8a0134db97a5e642027f
Details	sha256	1	c5452b859922b9633839e092f09f0ce4818b6085043360c90c0b0f2bfad9fca1
Details	sha256	1	5fff1cd29bb6e6cfe9516b70f9f44755098392c2e2a0f4784486182c309b2c99
Details	sha256	1	bd871a2ccd6d7c4f89f9f5087e60cfdcc7ab35b670cfda7ddfd6dbbab8c8560c
Details	sha256	1	378c219332e74786b5ce562d15a99fe021e47f1480be09b779db78ae87da9c26
Details	sha256	1	3b78e6564c4774a6d3cd88c62e56c6705c2428e53cacb3a95713b8c399a7d7ad
Details	sha256	1	ab310316f34881a67c6df912e646203adc676d1f53a5bf43873014dfdb0d68cf
Details	sha256	1	88f0722c907100ef09049c82032a0ac66afa153d03fb89d378ae65f6e5890a3f
Details	Url	1	http://new-tech-savvy.com/algo.hta