General

  • Target

    1c6c7215d039881314d66edb35b389ab.dll

  • Size

    116KB

  • Sample

    210506-zr8bydme1a

  • MD5

    1c6c7215d039881314d66edb35b389ab

  • SHA1

    cb1515790ba1cb352a3f4bc506452b678aec2ace

  • SHA256

    85bb2d449a7ead4f54667826941269a4d87a980825a958bb10db7d6e72aae60b

  • SHA512

    26d0b356e10f7594c0b144b5dcbf2f35db9ad3bf609c46818c9c683f8d3dafbf9405e04af9f15e4e93b110d1ced900d90658fc342ab2b99b35733832495e10d1

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    3717128962

  • C2

    usaaforced.fun

Targets

    • Target

      1c6c7215d039881314d66edb35b389ab.dll

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID First Stage Loader
