General

  • Target

    0ae1451a3539de1347a16ab6e47b03a6bcca680459b4f0048a3bbd6b4242330c

  • Size

    198KB

  • Sample

    210401-59zdne6t56

  • MD5

    8633ff7aca8a3e38a4cbce06d65611b1

  • SHA1

    88302876b1bb86a774052810df2a69d3f6489b1d

  • SHA256

    0ae1451a3539de1347a16ab6e47b03a6bcca680459b4f0048a3bbd6b4242330c

  • SHA512

    8e945e743cab4d8263ac7bb6004647da6c1766f7a9d68c253694d4abd3f3ef9e2daaab41f379c1b7ce7a517a7490c133c5c81d45329d80e0dbf94ca5fe66f601

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    1584008337

  • C2

    secondpilots.space

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID First Stage Loader