General

  • Target

    index.hta

  • Size

    1005B

  • Sample

    201215-2j3pq3xqhe

  • MD5

    478ad2476fae05ae109845bc5e8165f8

  • SHA1

    83cdd78c74c5548775c16e187258eccf037ae58e

  • SHA256

    95129bba2c036259fa080060421a1379bbb234cb7161004f27276e861236ddfc

  • SHA512

    05207941b294f08bb295c26e22e8535571967e17d89e3bc6b27d53ddc20cfcb683168ce0a9372f79815e419b83d657aa1112cadd2025b53dae5326de593324f4

Score
10/10

Malware Config

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

    • Downloads MZ/PE file

    • Loads dropped DLL

MITRE ATT&CK Matrix (ATT&CK v6)

  • Defense Evasion

    Modify Registry: T1112 (2)

    Install Root Certificate: T1130 (1)

  • Discovery

    System Information Discovery: T1082 (2)

    Query Registry: T1012 (1)

Tasks