Sekoia reports on DiceLoader (aka Icebot), a malware used by the cybercriminal group FIN7 since 2021. The report details how DiceLoader is dropped by a PowerShell script along with other malware from the intrusion set’s arsenal, such as Carbanak RAT. A technical analysis of DiceLoader describes its features and its C2 communication and infrastructure. "Surprisingly the analysed sample does not have any technique for anti-analysis", and it also lacks sandbox detection. IOCs and YARA rules are provided.
🔗 https://blog.sekoia.io/unveiling-the-intricacies-of-diceloader/