← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
WHITE CyberHunter_NL 2023-06-05 Modified: 2023-07-05
16
IOCs
MEDIUM VOLUME
This blog is part of the Unit 42 series of posts by Palo Alto Networks about malware, IcedID, which can lead to ransomware and other malware. and is based on the Windows operating system.
icedidcobalt strikefigureunitip addresstcp streampalo altohttps trafficwiresharkhttp getwireshark quizaprilwildfirealliancefebruarygozicoldbokbotvirustotalscrollcookiebumblebeeemotetqbotqakbotanubis
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Cobalt Strike IcedID
Indicators of Compromise (1 / 16 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA1 57da25c2a28ff74c13856cc5201f7f3e0fa70f8e SHA1 of fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901 2023-06-05
References (1)
↗ https://unit42.paloaltonetworks.com/wireshark-quiz-icedid-answers/#post-128267-_v8176g40kstn