Pulse Detail — Threat Intelligence

● 0 online

ANALYZING THREAT INTELLIGENCE

PULSE NAME

IcedID Malware with Updated BackConnect Module

WHITE cryptocti 2023-07-30 Modified: 2023-08-29

13

IOCs

MEDIUM VOLUME

↓ CSV ↓ JSON

Indicators of Compromise (13)

All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname

TYPE	INDICATOR	DESCRIPTION	CREATED
FileHash-MD5	c8b98d467304de875b53d6132882c828	MD5 of fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901	2023-07-30
FileHash-SHA1	57da25c2a28ff74c13856cc5201f7f3e0fa70f8e	SHA1 of fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901	2023-07-30
FileHash-SHA256	bd24b6344dcde0c84726e620818cb5795c472d9def04b259bf9bff1538e5a759	—	2023-07-30
FileHash-SHA256	fc96c893a462660e2342febab2ad125ce1ec9a90fdf7473040b3aeb814ba7901	—	2023-07-30
URL	http://80.77.24.175/main.php	—	2023-07-30
URL	http://skigimeetroc.com/	—	2023-07-30
domain	askamoshopsi.com	—	2023-07-30
domain	skansnekssky.com	—	2023-07-30
domain	skigimeetroc.com	—	2023-07-30
URL	http://377701.appspot.com/o/XSjwp6O0pq%2FScan_Inv.zip?alt=media&token=a716bdce-1373-44ed-ae89-fdabafa31c61	—	2023-07-30
URL	https://firebasestorage.googleapis.com/v0/b/serene-cathode-	—	2023-07-30
hostname	firebasestorage.googleapis.com	—	2023-07-30
hostname	377701.appspot.com	—	2023-07-30

References (1)

↗ July 29th, 2023 - CryptoGen Cyber Threat Intelligence Advisory #2928 - IcedID Malware with Updated BackConnect Module.pdf