IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
Common Information
Type Value
UUID ed6b9cb0-fad6-4cb5-b922-01af1f8b811e
Fingerprint bb15fb9ef2cf6097
Analysis status IN_PROGRESS
Considered CTI value 0
Text language
Published Dec. 29, 2022, midnight
Added to db Dec. 20, 2024, 1:07 a.m.
Last updated Dec. 24, 2024, 5:56 a.m.
Headline IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
Title IcedID Botnet Distributors Abuse Google PPC to Distribute Malware
Detected Hints/Tags/Attributes 17/1/17
Source URLs
Attributes
Details Type #Events CTI Value
Details Domain 6752
163.com
Details File 1102
rundll32.exe
Details File 1
malicious IcedID and legitimate sqlite3.dll
Details File 4
tcl86.dll
Details File 110
sqlite3.dll
Details File 40
x64.dll
Details File 37
libcurl.dll
Details File 1
in sqlite3.dll
Details File 306
msiexec.exe
Details File 2
msi3480c3c1.msi
Details File 1
system binary proxy execution via rundll32.exe
Details File 1
malicious custom action invoking rundll32.exe
Details File 2
icedid-botnet-distributors-abuse-google-ppc-to-distribute-malware.html
Details MITRE ATT&CK Techniques 45
T1218.007
Details MITRE ATT&CK Techniques 131
T1218.011
Details MITRE ATT&CK Techniques 45
T1027.009
Details Url 1
https://www.trendmicro.com/en_us/research/22/l/icedid-botnet-distributors-abuse-google-ppc-to-distribute-malware.html?&web_view=true