General

  • Target

    Documentaddress.dat

  • Size

    432KB

  • Sample

    201210-jgj56jjxtj

  • MD5

    1acd12d8e8a8c8a2048e3f1410a4b0de

  • SHA1

    d1bf352ecdee94e6586b115cc077a943d9809bc1

  • SHA256

    cff21f166032bfc7895266f21d7e4b46d8e299a9012c85db6922f36e1965dc32

  • SHA512

    77f9115467a4a7d068d1a4efa994f54fb7258e27e6e892cfbf1f94f2e75a68d2d47f639049093e3313dab60e53d6dabc7b1558316c82ab3e400368e43b7c6839

Score
10/10

Targets

    • Target

      Documentaddress.dat

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Core Payload

    • Blocklisted process makes network request
