General

  • Target

    dd6d136055296abfc6f94c8ae1d039042c603fb1d0938.dll

  • Size

    234KB

  • Sample

    210507-g1kge7bsaa

  • MD5

    fecf84576b7b6cdc64e5cf839db18c3b

  • SHA1

    32fffb167d3e20a15731cb137dde2fa2fbc1bdf2

  • SHA256

    dd6d136055296abfc6f94c8ae1d039042c603fb1d0938a75d446c86d1f4636d4

  • SHA512

    0c7cdf1e70c085306c89d4e577f3492a427082ce73bede460fb80759d3a3b976ea7f666c19f7871b4283788132bd671135933ce7e561da7eb4eec5e50941da3b

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    3042509645

  • C2

    dsedertyhuiokle.top

Targets

    • Target

      dd6d136055296abfc6f94c8ae1d039042c603fb1d0938.dll


    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

  • Collection
  • Command and Control
  • Credential Access
  • Defense Evasion
  • Discovery
  • Execution
  • Exfiltration
  • Impact
  • Initial Access
  • Lateral Movement
  • Persistence
  • Privilege Escalation