top of page
Search

Monster Libra (TA551/Shathak) infects with IcedID (Bokbot) and pushes Cobalt Strike & DarkVNC

SANS has analyzed an IcedID (Bokbot) infection based on Monster Libra (also known as TA551 or Shathak).




ADVERSARY: TA551 Shathak


MALWARE FAMILIES: IcedID, Bokbot


ATT&CK IDS: T1566 - Phishing, TA0037 - Command and Control, T1001 - Data Obfuscation, T1002 - Data Compressed, T1204.002 - Malicious File, T1204.001 - Malicious Link, T1598.002 - Spearphishing Attachment, T1137.001 - Office Template Macros, T1073 - DLL Side-Loading


Read More:

0 views
bottom of page