2021-05-27 (THURSDAY) - ICEDID (BOKBOT) FROM STOLEN IMAGES EVIDENCE.ZIP

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

ASSOCIATED FILES:

• 2021-05-27-IcedID-IOCs.txt.zip   1.7 kB   (1,685 bytes)
• 2021-05-27-IcedID-infection-traffic.pcap.zip   5.2 MB   (5,222,201 bytes)
• 2021-05-27-IcedID-malware-and-artifacts.zip   796 kB   (796,451 bytes)

NOTES:

• Reference: Investigating a unique "form" of email delivery for IcedID malware by the Microsoft 365 Defender Threat Intelligence Team

 

IMAGES

Shown above:  Traffic from an infection filtered in Wireshark.

 

Click here to return to the main page.