2022-08-10 (WEDNESDAY) - THREE COBALT STRIKES FROM ONE ICEDID (BOKBOT) INFECTION

NOTICE:

• The zip archives on this page have been updated, and they now use the new password scheme.  For the new password, see the "about" page of this website.

REFERENCE:

• https://twitter.com/Unit42_Intel/status/1557450489473662976

ASSOCIATED FILES:

• 2022-08-10-IOCs-for-IcedID-and-Cobalt-Strike.txt.zip   2.1 kB   (2,074 bytes)
• 2022-08-10-IcedID-part-1-initial-infection-carved.pcap.zip   2.5 MB   (2,477,266 bytes)
• 2022-08-10-IcedID-part-2-with-Cobalt-Strike-carved.pcap.zip   19.3 MB   (19,306,057 bytes)
• 2022-08-10-IcedID-with-Cobalt-Strike-malware-and-artifacts.zip   3.1 MB   (3,146,043 bytes)

 

Click here to return to the main page.