2024-03-06: PIKABOT INFECTION WITH MEDUZA STEALER

NOTES:

• Zip files are password-protected.  Of note, this site has a new password scheme.  For the password, see the "about" page of this website.

REFERENCES:

• https://www.linkedin.com/posts/unit42_pikabot-meduza-meduzastealer-activity-7171529296388321282-7yIh
• https://twitter.com/Unit42_Intel/status/1765763677192356196

ASSOCIATED FILES:

• 2024-03-06-IOCs-for-Pikabot-and-Meduza-Stealer-activity.txt.zip   2.2 kB   (2,249 bytes)
• 2024-03-06-Pikabot-malware-and-artifacts.zip   714 kB   (713,743 bytes)
• 2024-03-06-santized-email-distributing-ISO-for-Pikabot.eml.zip   56.3 kB   (56,273 bytes)
• 2024-03-06-traffic-from-Piakbot-infection-with-Meduza-Stealer.pcap.zip   1.6 MB   (1,551,272 bytes)
• 2024-03-06-traffic-to-Meduza-Stealer-C2-server-login-panel.pcap.zip   1.7 MB   (1,717,667 bytes)

 

Click here to return to the main page.