otx.alienvault.com
108.156.22.68  Public Scan

URL: https://otx.alienvault.com/pulse/6241ca8d76313c920c4b9022?utm_userid=swimlanecyou&utm_medium=inproduct&utm_source=otx&utm_c...
Submission: On March 28 via api from US — Scanned from DE

Form analysis 0 forms found in the DOM

Text Content

NEW CONVERSATION HIJACKING CAMPAIGN DELIVERING ICEDID

   
 * Created 33 minutes ago by AlienVault
 * Public
 * TLP: White

Intezer provides a technical analysis of a new campaign detected by its research
team, which initiates attacks with a phishing email that uses conversation
hijacking to deliver IcedID.

Reference: https://www.intezer.com/blog/research/conversation-hijacking-campaign-delivering-icedid/
Tags: icedid, bokbot, pony
Industries: Pharmaceutical, Healthcare, Energy
Malware Family: IcedID
Att&ck IDs: T1566 - Phishing, T1001 - Data Obfuscation, T1218 - Signed Binary Proxy Execution, T1592 - Gather Victim Host Information

 * Indicators of Compromise (6)

Domain (1), FileHash-SHA256 (3), FileHash-MD5 (1), FileHash-SHA1 (1)

TYPES OF INDICATORS


