A new signed campaign aims to trick victims’ antivirus so that the malware can be downloaded and installed via an attachment.
Technical analysis by the Malware Hunter JAMESWT
Cybercrime: new IcedID campaign via email ZIP attachments. Each one contains a different XLSM file that contacts a URL from an internal list of 6 and downloads the DLL that activates the malware infection.
Each of these contains a different XLSM file which, when opened, contacts a URL from an internal list of six and downloads the DLL that triggers the malware infection. IcedID (aka BokBot) is a modular banking trojan used by cybercriminals to steal information and credentials from current accounts, e-commerce sites, providers and financial data.