2022-06-13 (MONDAY) TA578 THREAD-HIJACKED EMAILS PUSH BUMBLEBEE OR ICEDID

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

REFERENCES:

• https://twitter.com/k3dg3/status/1536424877149798403
• https://twitter.com/Myrtus0x0/status/1536521287102672896

ASSOCIATED FILES:

• 2022-06-13-some-IOCs-from-TA578-activity.txt.zip   1.5 kB   (1,547 bytes)
• 2022-06-13-TA578-thread-hijacked-emails-4-examples.zip   1.3 MB   (1,342,308 bytes)
• 2022-06-13-text-files-of-traffic-from-TA578-URLs.zip   378 kB   (378,596 bytes)
• 2022-06-13-TA578-malware-samples.zip   4.9 MB   (4,927,462 bytes)

 

Click here to return to the main page.