← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Cold as Ice: Answers to Unit 42 Wireshark Quiz for IcedID
WHITE CyberHunter_NL 2023-06-05 Modified: 2023-07-05
16
IOCs
MEDIUM VOLUME
This blog is part of the Unit 42 series of posts by Palo Alto Networks about malware, IcedID, which can lead to ransomware and other malware. and is based on the Windows operating system.
icedidcobalt strikefigureunitip addresstcp streampalo altohttps trafficwiresharkhttp getwireshark quizaprilwildfirealliancefebruarygozicoldbokbotvirustotalscrollcookiebumblebeeemotetqbotqakbotanubis
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
MALWARE FAMILIES
Cobalt Strike IcedID
Indicators of Compromise (2 / 16 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 bd24b6344dcde0c84726e620818cb5795c472d9def04b259bf9bff1538e5a759 2023-06-05
FileHash-SHA256 fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901 2023-06-05
References (1)
↗ https://unit42.paloaltonetworks.com/wireshark-quiz-icedid-answers/#post-128267-_v8176g40kstn