General

  • Target

    d5c6b3b0a05c14b7b4a403e2b5d4afcefbe0bea7f015bc36294b11d453c9087d

  • Size

    793KB

  • Sample

    201113-etp29hvb7j

  • MD5

    3759db33c71b446ed5ea367561fc066c

  • SHA1

    f3bb9bd7f9b99b73d074bb87e34b9f7bcfbe8d41

  • SHA256

    d5c6b3b0a05c14b7b4a403e2b5d4afcefbe0bea7f015bc36294b11d453c9087d

  • SHA512

    57fd07839da885aa990fb1a120d457ad37ab9011cbfcb43a09b8fbfa83961ac904a3f0435edb22f704bee3b8adb90b52fe305769b00347ce6a39c93e4cb1cf07

Malware Config

Extracted

  • Family

    icedid

  • C2

    kostacardsplayer.pro

    kostafootball.info

    countrylandlords.info

    landiscloudlord.red

Targets

    • Target

      d5c6b3b0a05c14b7b4a403e2b5d4afcefbe0bea7f015bc36294b11d453c9087d

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
