From 63e8fabf5a64b9ab8b49dba926c1645ab532ce8f Mon Sep 17 00:00:00 2001 From: Mikhail Kasimov Date: Sat, 11 Dec 2021 15:23:50 +0200 Subject: [PATCH] Update 2021-12-10-IOCs-for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt Minor patch --- ...for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt | 1 + 1 file changed, 1 insertion(+) diff --git a/2021-12-10-IOCs-for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt b/2021-12-10-IOCs-for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt index b92fd55..9f72073 100644 --- a/2021-12-10-IOCs-for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt +++ b/2021-12-10-IOCs-for-TA551-IcedID-infection-with-Cobalt-Strike-and-DarkVNC.txt @@ -53,6 +53,7 @@ ASSOCIATED MALWARE: TRAFFIC FOR INSTALLER DLL: - 146.19.233[.]44 port 80 - copelandbenefitg[.]com - GET /frhe/[long string]/repa7?[long string] +- 146.19.233[.]44 port 80 - buchananfoodss[.]com TRAFFIC CAUSED BY ICEDID INSTALLER DLL: