Updated 2023-10-31-IOCs-for-IcedID-infection.txt

PaloAltoNetworks · Nov 1, 2023 · 729543c · 729543c
1 parent 7e2ddb9
commit 729543c
Showing 1 changed file with 6 additions and 1 deletion.
diff --git a/2023-10-31-IOCs-for-IcedID-infection.txt b/2023-10-31-IOCs-for-IcedID-infection.txt
@@ -1,5 +1,10 @@
 2023-10-31 (TUESDAY): ICEDID (BOKBOT) ACTIVITY
 
+REFERENCES:
+
+- https://www.linkedin.com/posts/unit42_icedid-bokbot-timelythreatintel-activity-7125607698699550720-msaz
+- https://twitter.com/Unit42_Intel/status/1719841834204033376
+
 NOTES:
 
 - This is based on a Micrsoft Installer (MSI) file first submitted to VirusTotal on Monday 2023-10-30.
@@ -61,4 +66,4 @@ Date/Time (UTC)      IP Address        Port  Domain               Info
 2023-10-31 23:57:40  162.33.179[.]136  443   asleytomafa[.]com    Client Hello
 2023-11-01 00:02:41  162.33.179[.]136  443   asleytomafa[.]com    Client Hello
 2023-11-01 00:07:42  162.33.179[.]136  443   asleytomafa[.]com    Client Hello
-2023-11-01 00:12:43  162.33.179[.]136  443   asleytomafa[.]com    Client Hello
+2023-11-01 00:12:43  162.33.179[.]136  443   asleytomafa[.]com    Client Hello