Diaries by Keyword - SANS Internet Storm Center

Handler on Duty: Johannes Ullrich

Threat Level: green

Date	Author	Title
2022-08-24	Brad Duncan	Monster Libra (TA551/Shathak) --> IcedID (Bokbot) --> Cobalt Strike & DarkVNC
2021-12-02	Brad Duncan	TA551 (Shathak) pushes IcedID (Bokbot)
2021-08-11	Brad Duncan	TA551 (Shathak) continues pushing BazarLoader, infections lead to Cobalt Strike
2021-02-02	Xavier Mertens	New Example of XSL Script Processing aka "Mitre T1220"
2021-01-26	Brad Duncan	TA551 (Shathak) Word docs push Qakbot (Qbot)
2020-10-14	Brad Duncan	More TA551 (Shathak) Word docs push IcedID (Bokbot)
2020-08-07	Brad Duncan	TA551 (Shathak) Word docs push IcedID (Bokbot)