IcedID3

IcedID BokBot 2017. info_IR-99661418.msi invoice. NSABX.GG C2. cT_Gzip_Uncompress. CobaltStrike+Ryuk loader.

Threat Profile
Type: Loader
Programming Language: C
C2 Protocol: HTTPS
First Seen: 2017
Targets: Global Finance
Purpose / Capabilities
  • Banking+Payload Loader

C2 Servers (1)

Address    Port  Protocol  Status
NSABX.GG   443   HTTPS     INACTIVE

⚠ C2 addresses are shared solely for threat intelligence and defensive purposes. Unauthorized access to these addresses constitutes a criminal offense.

Research Reports (1)

High

IcedID -- info_IR-99661418.msi Invoice Lure, NSABX.GG C2 Domain | High

IcedID 1.1MB info_IR-99661418.msi invoice receipt lure. NSABX.GG C2 domain. cT_Gzip_Uncompress custom compression.
