
Cybercrime: large wave of IcedID attacks via email zip attachments

Technical analysis by the malware hunter JAMESWT

Large wave of IcedID attacks via email zip attachments. Each contains a different XLS file that contacts a URL from an internal list of five and downloads the DLL that activates the malware infection.

A large wave of cybercrime attacks is delivering IcedID through zip attachments in emails.

Each attachment contains a different XLS file which, if opened, contacts a URL from an internal list of five and downloads the DLL that triggers the malware infection. IcedID (aka BokBot) is a modular banking trojan used by cybercriminals to steal information and credentials for current accounts, e-commerce sites and providers, as well as financial data.
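For triage at the mail gateway, the chain described above (zip attachment, XLS inside, embedded download URLs) can be checked statically without opening the workbook. The following Python is an added example, not code from the original analysis; it assumes the URLs are stored as plain strings in the workbook, which the page does not state, and the sample archive, file names and `.example` hosts are constructed.

```python
import io
import re
import zipfile

OLE2_MAGIC = bytes.fromhex("d0cf11e0a1b11ae1")  # header of legacy .xls (Compound File)
URL_ASCII = re.compile(rb"https?://[\x21-\x7e]{4,200}")
URL_UTF16 = re.compile(
    rb"h\x00t\x00t\x00p\x00(?:s\x00)?:\x00/\x00/\x00(?:[\x21-\x7e]\x00){4,200}")
MAX_MEMBER_SIZE = 20 * 1024 * 1024  # assumed cap; guards against decompression bombs


def extract_urls(blob):
    """Return URL strings stored as 8-bit or UTF-16LE text in a binary blob."""
    urls = {m.group().decode("ascii") for m in URL_ASCII.finditer(blob)}
    urls |= {m.group().decode("utf-16-le") for m in URL_UTF16.finditer(blob)}
    return sorted(urls)


def triage_zip(data):
    """Map each OLE2 member of a zip to its URLs (None = encrypted, not inspected)."""
    findings = {}
    with zipfile.ZipFile(io.BytesIO(data)) as zf:
        for info in zf.infolist():
            if info.is_dir() or info.file_size > MAX_MEMBER_SIZE:
                continue
            if info.flag_bits & 0x1:          # encrypted entry: escalate, do not guess
                findings[info.filename] = None
                continue
            body = zf.read(info)
            if body.startswith(OLE2_MAGIC):   # identify by content, not by extension
                findings[info.filename] = extract_urls(body)
    return findings


def build_sample_zip():
    """Constructed sample: OLE2 magic plus five placeholder URLs, not a real workbook."""
    urls = [f"http://host{i}.example/file.dll" for i in range(1, 6)]
    body = OLE2_MAGIC + b"\x00" * 504
    body += b"\x00".join(u.encode("ascii") for u in urls[:3]) + b"\x00\x00"
    body += b"\x00\x00".join(u.encode("utf-16-le") for u in urls[3:]) + b"\x00\x00"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("request.xls", body)
        zf.writestr("readme.txt", b"see http://other.example/page")
    return buf.getvalue()


if __name__ == "__main__":
    for name, urls in triage_zip(build_sample_zip()).items():
        print(name, urls)
```

A workbook that assembles its URLs at run time from split or encoded cells will yield no hits here, so an empty result is not a clean verdict.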

XLS

URLS

Dll urls and C2
