General

  • Target

    54dae0ca3c0ebcb8c89f68b842c1e06785dccfd9b7f6d09c459f2b948d74f65c

  • Size

    705KB

  • Sample

    201113-cnl6h9glma

  • MD5

    49668766b03c3b590b951750d36fc41e

  • SHA1

    360432acabc4ca39bb40d090d65cc4ea72adf86a

  • SHA256

    54dae0ca3c0ebcb8c89f68b842c1e06785dccfd9b7f6d09c459f2b948d74f65c

  • SHA512

    2095510b121eb1fcf35382aaddbec2db3bb674414ad629e7a42a6aa1a2a1c2c4157d92268ba46ae27e364ab9698cd21dd72f07ee27e8150561a507d0c924fefd

Malware Config

Extracted

Family

icedid

C2

kostacardsplayer.pro

kostafootball.info

countrylandlords.info

landiscloudlord.red

Targets

    • Target

      54dae0ca3c0ebcb8c89f68b842c1e06785dccfd9b7f6d09c459f2b948d74f65c

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
