malware_traffic

2020-01-10: URLs for Trickbot seen from IcedID-infected host

Jan 10th, 2020
1,353
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
  1. 2020-01-10 - URLS FOR TRICKBOT SEEN FROM ICEDID (BOKBOT) INFECTED HOST:
  2.  
  3. hxxp://108.170.52[.]134/image/updatefile.exe
  4. hxxp://108.170.52[.]134/image/swajn.exe
  5. hxxp://108.170.52[.]134/image/TIN_X64.exe
  6. hxxp://108.170.52[.]134/image/sdocuprint.pdf
  7.  
  8. REFERENCES:
  9.  
  10. - https://www.crowdstrike.com/blog/sin-ful-spiders-wizard-spider-and-lunar-spider-sharing-the-same-web/
  11. - https://twitter.com/malware_traffic/status/1215760018240225283
RAW Paste Data