← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
WHITE CyberHunter_NL 2023-06-05 Modified: 2023-07-05
16
IOCs
MEDIUM VOLUME
This blog is part of the Unit 42 series of posts by Palo Alto Networks about malware, IcedID, which can lead to ransomware and other malware. and is based on the Windows operating system.
icedidcobalt strikefigureunitip addresstcp streampalo altohttps trafficwiresharkhttp getwireshark quizaprilwildfirealliancefebruarygozicoldbokbotvirustotalscrollcookiebumblebeeemotetqbotqakbotanubis
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Cobalt Strike IcedID
Indicators of Compromise (2 / 16 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-MD5 46353431423635424230383346354633 2023-06-05
FileHash-MD5 c8b98d467304de875b53d6132882c828 MD5 of fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901 2023-06-05
References (1)
↗ https://unit42.paloaltonetworks.com/wireshark-quiz-icedid-answers/#post-128267-_v8176g40kstn