2019-10-31 - DATA DUMP: ICEDID INFECTION WITH TRICKBOT

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

ASSOCIATED FILES:

• 2019-10-31-example-of-malspam-pushing-IcedID.eml.zip   441 kB (441,369 bytes)
• 2019-10-31-IcedID-infection-with-Trickbot.pcap.zip   33.2 MB (33,169,240 bytes)
• 2019-10-31-IcedID-and-Trickbot-malware-and-artifacts.zip   29.1 MB (29,107,707 bytes)

NOTES:

• This is an infection in an Active Directory environment where Trickbot spread from an infected Windows client at 10.10.31[.]101 to its domain controller at 10.10.31[.]5.

 

Click here to return to the main page.