2021-06-02 (WEDNESDAY) - TA551 (SHATHAK) WORD DOCS PUSH ICEDID (BOKBOT)

ASSOCIATED FILES:

NOTES:

 

IMAGES


Shown above:  Screenshot of the Word document that I used to generate an infection.

 


Shown above:  Traffic from the infection filtered in Wireshark.  Note the traffic over TCP port 8080.

 

Click here to return to the main page.