Originally posted at: https://twitter.com/malware_traffic/status/1634042775850082304
2023-03-08 (Wednesday): #IcedID (#Bobkot) infection with #BackConnect and #VNC traffic. Email --> PDF with link --> downloaded zip --> extracted .msi --> IcedID infection. 1 malspam example, #pcap from an infection, associated malware & IOCs available at https://www.malware-traffic-analysis.net/2023/03/08/index.html