Resubmissions

04-05-2021 18:46

210504-q765esylze 10

04-05-2021 13:52

210504-hf6an9leje 10

General

  • Target

    pasteBorder.dll

  • Size

    337KB

  • Sample

    210504-q765esylze

  • MD5

    6ee6fcde80cbf4967885454cfcdf22a5

  • SHA1

    c3b771ed998a4363e9eb00996c651bc560138503

  • SHA256

    fa914c9914a9a663613c62467009adb9a283275863e0fd4a39b5e5e4f3a0f376

  • SHA512

    3d6c61836704e7302232f324c0b9d47f412f346baca0b84fe1a885662f41d8e5bc3369c3e5cab21c21106aebf5ea59653807d5461d145b1c2005466bdc0d804b

Malware Config

Extracted

Family

icedid

Campaign

3042509645

C2

barcafokliresd.top

Targets

    • Target

      pasteBorder.dll

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • PhotoLoader Payload

      IcedID downloader (PhotoLoader).

MITRE ATT&CK Matrix

Tasks