Click here to download all references as Bib-File.
| 2023-04-11 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on change of IcedID backconnect traffic port from 8080 to 443 IcedID |
| 2021-11-17 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on Matanbuchus Loader used to deliver Qakbot (tag obama128b) and follow-up CobaltStrike Cobalt Strike QakBot |
| 2021-11-05 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on TA551 (Shathak) BazarLoader infection with CobaltStrike and DarkVNC drops BazarBackdoor Cobalt Strike |
| 2021-07-30 ⋅ Twitter (@Unit42_Intel) ⋅ Tweet on BazarLoader infection leading to cobaltstrike and Powershell script file for PrintNightmare vulnerability BazarBackdoor Cobalt Strike |