SHARE
TWEET

2020-01-10: URLs for Trickbot seen from IcedID-infected host

malware_traffic Jan 10th, 2020 (edited) 715 Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 2020-01-10 - URLS FOR TRICKBOT SEEN FROM ICEDID (BOKBOT) INFECTED HOST:
  2.  
  3. hxxp://108.170.52[.]134/image/updatefile.exe
  4. hxxp://108.170.52[.]134/image/swajn.exe
  5. hxxp://108.170.52[.]134/image/TIN_X64.exe
  6. hxxp://108.170.52[.]134/image/sdocuprint.pdf
  7.  
  8. REFERENCES:
  9.  
  10. - https://www.crowdstrike.com/blog/sin-ful-spiders-wizard-spider-and-lunar-spider-sharing-the-same-web/
  11. - https://twitter.com/malware_traffic/status/1215760018240225283
RAW Paste Data
We use cookies for various purposes including analytics. By continuing to use Pastebin, you agree to our use of cookies as described in the Cookies Policy. OK, I Understand
Not a member of Pastebin yet?
Sign Up, it unlocks many cool features!
 
Top