← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Phishing emails with RAT targeting corporate users
WHITE AlienVault 2020-12-11 Modified: 2021-01-10
20
IOCs
MEDIUM VOLUME
"In November 2020 Doctor Web virus analysts detected a phishing attack targeting corporate users. The emails in question contained trojan malware that covertly install and launch Remote Utilities software — a tool for remotely accessing another computer."
RATPhishingemailSpypro
Indicators of Compromise (1 / 20 total)
All FileHash-MD5 FileHash-SHA256 FileHash-SHA1 domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 0d878cc7a97b36d7a1b7ca1d7a71b639 MD5 of 8d1b7d738c4c0f0aba5c25b096b54b3fc20e5643 2020-12-11
References (2)
↗ https://github.com/DoctorWebLtd/malware-iocs/blob/master/BackDoor.RMS/README.adoc ↗ https://news.drweb.com/show/?i=14083&lng=en