General

  • Target

    a03da506154fc38ee08248a9aae592d93261254ab27461cb5a79b5821d651264

  • Size

    781KB

  • Sample

    201113-vm782pxexn

  • MD5

    489f6da8a3806c256fd422d1dd906d6c

  • SHA1

    d6125e8a64216f37fe618887b088ff94008cc548

  • SHA256

    a03da506154fc38ee08248a9aae592d93261254ab27461cb5a79b5821d651264

  • SHA512

    45f25d99a871fc9a68a55e7ec872a011cca79b6d9d75cc1334bac24cb2184254d202261cc46fd1dcf748c775f731a6cc549310663bd5a42ab6bcf720abcc6865

Malware Config

Extracted

Family

icedid

C2

kostacardsplayer.pro

kostafootball.info

countrylandlords.info

landiscloudlord.red

Targets

    • Target

      a03da506154fc38ee08248a9aae592d93261254ab27461cb5a79b5821d651264

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
