Jérôme Segura · @malwareinfosec
174 followers · 22 posts · Server infosec.exchange
The #sczriptzzbn campaign which normally delivers #netsupportRAT, #solarmarker or #icedID is currently redirecting to a tech support scam :blobeyes:
friscomusicgroup[.]com/br2
existsupport22[.]z13[.]web[.]core[.]windows[.]net
#sczriptzzbn #netsupportrat #solarmarker #icedid
Last updated 3 years ago
Jérôme Segura · @malwareinfosec
140 followers · 14 posts · Server infosec.exchange
#sczriptzzbn campaign dropping #IcedID
friscomusicgroup[.]com
xim[.]avistapp[.]co
f1f61b0e96c172a24fba71806829c486b43e141493c78ec4bb895de760134316
Last updated 3 years ago