Threat Advisory: New IcedID Trojan Campaign | Todyl
Tags
Common Information
| Type | Value |
|---|---|
| UUID | 8088d610-3a5a-40a0-a17f-13dde1b40026 |
| Fingerprint | 85942cf9dfbcc580 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Nov. 18, 2022, midnight |
| Added to db | Jan. 16, 2023, 3:49 p.m. |
| Last updated | Nov. 18, 2024, 1:38 a.m. |
| Headline | UNKNOWN |
| Title | Threat Advisory: New IcedID Trojan Campaign | Todyl |
| Detected Hints/Tags/Attributes | 39/1/50 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 1 | www-irs-gov.com |
|
| Details | Domain | 1 | www-irs.com |
|
| Details | Domain | 1 | sdr-nb.com |
|
| Details | Domain | 1 | wwww-dlscord.com |
|
| Details | Domain | 1 | trackitem.link |
|
| Details | Domain | 1 | moralaz.top |
|
| Details | Domain | 2 | acridpanel.com |
|
| Details | Domain | 1 | dpd-trackit.uk |
|
| Details | Domain | 1 | ksd-ir.com |
|
| Details | Domain | 1 | thm-ve.com |
|
| Details | Domain | 1 | servicesaustralia.gove.au.thm-ve.com |
|
| Details | Domain | 1 | dpd-trackit.link |
|
| Details | Domain | 1 | www.servicesaustralia.au.csk-io.com |
|
| Details | Domain | 1 | servicesaustralia.gov.au.thm-ve.com |
|
| Details | Domain | 1 | csk-io.com |
|
| Details | Domain | 1 | gov.au.csk-io.com |
|
| Details | Domain | 1 | au.csk-io.com |
|
| Details | Domain | 1 | asiksliopakt.com |
|
| Details | Domain | 1 | dpd.trackitem.link |
|
| Details | Domain | 1 | supp0rtaanmeldisc.com |
|
| Details | Domain | 3 | www-discord.top |
|
| Details | Domain | 1 | linesoffice.com |
|
| Details | Domain | 1 | siirireevs.su |
|
| Details | Domain | 1 | adslstickersi.world |
|
| Details | Domain | 1 | atweeeswaadesw.com |
|
| Details | Domain | 1 | zasxdcfvgbhnjmkazsxdcfvgbhnjmk.xyz |
|
| Details | Domain | 1 | yuaowpa.ru |
|
| Details | Domain | 1 | mosxinale.top |
|
| Details | File | 1 | irs_form_11-17-2022_16-48-39.exe |
|
| Details | File | 1018 | rundll32.exe |
|
| Details | File | 1 | abuyafpt.dll |
|
| Details | File | 1122 | svchost.exe |
|
| Details | File | 172 | dllhost.exe |
|
| Details | File | 2127 | cmd.exe |
|
| Details | File | 173 | outlook.exe |
|
| Details | File | 1 | 39.exe |
|
| Details | File | 92 | c:\windows\system32\svchost.exe |
|
| Details | File | 1 | opyacn.dll |
|
| Details | File | 34 | license.dat |
|
| Details | File | 1 | irs_form_11-17-202_16-48-39.exe |
|
| Details | File | 1 | barrelx64.tmp |
|
| Details | File | 1 | rww6xp7.exe |
|
| Details | File | 1 | au.cs |
|
| Details | File | 1 | iced.dat |
|
| Details | sha256 | 1 | 2374f26dfa20f1697f089d017e3d5f2138f07c240e35b358ce71f6d99c2f2ea3 |
|
| Details | sha256 | 1 | a3ca4733682bc3e5a5b28f6815b5d13375a7ddaead45654b23f9bc1466f914b8 |
|
| Details | sha256 | 1 | 19c772133e924c89c9a149cdc697226fc8697f3bbf839df5f8c135aab0b5cf85 |
|
| Details | sha256 | 1 | e5af30f751cb20f72b4a127d2bb075477659148ed8af047b97f4263d46bc1328 |
|
| Details | sha256 | 1 | b5645e53e9157e3dd62aaa16936b97d1e8e8f80991f7bcf6ad1cd7287dcd5505 |
|
| Details | IPv4 | 1 | 80.66.64.54 |