Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz
Tags
| attack-pattern: | Direct Malware - T1587.001 Malware - T1588.001 Software - T1592.002 |
Common Information
| Type | Value |
|---|---|
| UUID | e698b13b-4dae-4658-a23e-04ec76c7e4e8 |
| Fingerprint | c5922fcdeeffaf4f |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 10, 2022, 5:14 p.m. |
| Added to db | Dec. 19, 2024, 2:15 a.m. |
| Last updated | Dec. 19, 2024, 8:51 p.m. |
| Headline | Rewterz Threat Alert – Remcos RAT – Active IOCs |
| Title | Rewterz Threat Alert – Remcos RAT – Active IOCs - Rewterz |
| Detected Hints/Tags/Attributes | 16/1/10 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | CVE | 3 | cve-2022-41207 |
|
| Details | Domain | 53 | machine.it |
|
| Details | Domain | 1 | aryexpcrt.ddns.net |
|
| Details | md5 | 1 | a862a9069c969c3997c54be20232e936 |
|
| Details | sha1 | 1 | 7cdebb388f16b05560014ad7de8050a0391de3c5 |
|
| Details | sha256 | 1 | 1ff4b93749bc77ba4f7a3f53b2fb3c917ec8b9e67a3ec4dc483efe6762d067a6 |
|
| Details | IPv4 | 9 | 178.237.33.50 |
|
| Details | IPv4 | 1 | 68.235.48.108 |
|
| Details | IPv4 | 1 | 198.46.142.144 |
|
| Details | Url | 1 | http://198.46.142.144/340/vbc.exe |