General

  • Target

    e2d65124ddaa1480a1574464352f26d1324bb2171bde499fbb4a6b89c4cfae2d

  • Size

    745KB

  • Sample

    201113-a8r5napf1j

  • MD5

    819493760a772c14fc7cd3c5797dc513

  • SHA1

    d6e545e9d88441b2f1d47db257a0826db8fabfd5

  • SHA256

    e2d65124ddaa1480a1574464352f26d1324bb2171bde499fbb4a6b89c4cfae2d

  • SHA512

    5a1ea2617d24eac828b107f3711d3ce8239e11388da64126c75ac252c07ede2ec6fe32b27428c314cb4dc344d6fc73079221e03321cb883d8f6e359c761effb0

Malware Config

  • Extracted

  • Family

    icedid

  • C2

    kostacardsplayer.pro

    kostafootball.info

    countrylandlords.info

    landiscloudlord.red

Targets

    • Target

      e2d65124ddaa1480a1574464352f26d1324bb2171bde499fbb4a6b89c4cfae2d

    • Size

      745KB

    • MD5

      819493760a772c14fc7cd3c5797dc513

    • SHA1

      d6e545e9d88441b2f1d47db257a0826db8fabfd5

    • SHA256

      e2d65124ddaa1480a1574464352f26d1324bb2171bde499fbb4a6b89c4cfae2d

    • SHA512

      5a1ea2617d24eac828b107f3711d3ce8239e11388da64126c75ac252c07ede2ec6fe32b27428c314cb4dc344d6fc73079221e03321cb883d8f6e359c761effb0

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks