IcedID3
IcedID BokBot 2017. info_IR-99661418.msi invoice. NSABX.GG C2. cT_Gzip_Uncompress. CobaltStrike+Ryuk loader.
Threat Profile
Type
Loader
Programming Language
C
C2 Protocol
HTTPS
First Seen
2017
Targets
Global Finance
Purpose / Capabilities
- Banking+Payload Loader
C2 Servers (1)
| Address | Port | Protocol | Status |
|---|---|---|---|
| NSABX.GG | 443 | HTTPS | INACTIVE |
⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.
Research Reports (1)
IcedID -- info_IR-99661418.msi Invoice Lure, NSABX.GG C2 Domain | High
IcedID 1.1MB info_IR-99661418.msi invoice receipt lure. NSABX.GG C2 domain. cT_Gzip_Uncompress custom compression.