General

  • Target

    6540664171036672.zip

  • Size

    340KB

  • Sample

    210726-f1gfr5lfps

  • MD5

    44928c35b2d321260288ffcb4c36b3ac

  • SHA1

    664d163d83c20aa3425560d1fe6c7a50805cdc45

  • SHA256

    38455ff328b49aff976908302135bdbf41ffba309aaaffc6a4ccb283303188c6

  • SHA512

    41349cde6f9f4f9532c124e44d2edf9b4a079e9fec6317c2d6c24a86e903df0b260346beef384be667c77cb98391eb3d22be19883147d5a0471c3b803d4c557a

Malware Config

Extracted

Family

icedid

C2

enricowilli.top

lagunaway.top

Targets

    • Target

      04ac4865905206347b2e076cd6f04338d4b8a7b8e7ded78b37b3b55f4807a68b

    • Size

      936KB

    • MD5

      9e2c8c51f6c887581bb60a9df2b63407

    • SHA1

      93c23cfde13d842d4c5111d5d9cc0520055e70e3

    • SHA256

      04ac4865905206347b2e076cd6f04338d4b8a7b8e7ded78b37b3b55f4807a68b

    • SHA512

      fe47e8547ed029bdfeb834f9b6f120e058cdbd64725af90c1edac79a73ce219355d4348c967dfacd98a349ac91021582b96dc4c8249faa6a3b08e916ae2a864f

    • IcedID, BokBot

      IcedID, also tracked as BokBot, is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
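The hashes and extracted C2 domains above are the indicators a responder would pivot on. The following is an added example, not part of the sandbox report, showing how to turn them into a hash lookup for files and a domain match over DNS query logs. The indicator values are copied from this report; the DNS log format and the log lines themselves are constructed for the example and must be adapted to the resolver format actually in use.

```python
import hashlib
import re

# Indicators taken from the report above (archive and extracted second-stage loader).
IOC_SHA256 = {
    "38455ff328b49aff976908302135bdbf41ffba309aaaffc6a4ccb283303188c6": "6540664171036672.zip",
    "04ac4865905206347b2e076cd6f04338d4b8a7b8e7ded78b37b3b55f4807a68b": "IcedID second stage loader",
}
IOC_MD5 = {
    "44928c35b2d321260288ffcb4c36b3ac": "6540664171036672.zip",
    "9e2c8c51f6c887581bb60a9df2b63407": "IcedID second stage loader",
}
# Extracted C2 domains from the malware config section.
IOC_DOMAINS = {"enricowilli.top", "lagunaway.top"}


def file_hashes(data: bytes) -> dict:
    """Return md5/sha1/sha256/sha512 hex digests for a byte string (the four digests the report lists)."""
    return {
        name: hashlib.new(name, data).hexdigest()
        for name in ("md5", "sha1", "sha256", "sha512")
    }


def match_hash(data: bytes):
    """Return the indicator label if the bytes hash to a known sample, else None.
    SHA256 is checked first; MD5 is kept only because older feeds still carry it."""
    h = file_hashes(data)
    if h["sha256"] in IOC_SHA256:
        return IOC_SHA256[h["sha256"]]
    if h["md5"] in IOC_MD5:
        return IOC_MD5[h["md5"]]
    return None


def domain_matches(hostname: str) -> bool:
    """True if hostname equals an IOC domain or is a subdomain of one.
    Case-insensitive and tolerant of a trailing dot; a look-alike such as
    'notlagunaway.top' does not match because the check is on label boundaries."""
    host = hostname.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in IOC_DOMAINS)


# Constructed DNS query log format for this example: "<timestamp> <client> query <qname> <qtype>".
DNS_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+query\s+(?P<qname>\S+)\s+(?P<qtype>\S+)$")


def scan_dns_log(lines):
    """Return (timestamp, client, qname) for every query line that resolves an IOC domain."""
    hits = []
    for line in lines:
        m = DNS_LINE.match(line.strip())
        if not m:
            continue  # unparseable line; a real pipeline would count these
        if domain_matches(m["qname"]):
            hits.append((m["ts"], m["client"], m["qname"]))
    return hits


# Constructed sample log lines (not from the report) covering an exact hit, a subdomain hit
# with a trailing dot, a benign name and a look-alike that must not match.
SAMPLE_DNS_LOG = [
    "2021-07-26T10:01:02Z 10.0.0.15 query www.example.com A",
    "2021-07-26T10:01:07Z 10.0.0.15 query enricowilli.top A",
    "2021-07-26T10:01:09Z 10.0.0.15 query cdn.lagunaway.top. A",
    "2021-07-26T10:02:11Z 10.0.0.22 query notlagunaway.top A",
]

if __name__ == "__main__":
    for ts, client, qname in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"{ts} {client} queried C2 domain {qname}")
    print("hash match for empty input:", match_hash(b""))
```

To check files on disk, read them in binary mode and pass the bytes to `match_hash`; the SHA256 values are the ones to prefer when exchanging these indicators, since MD5 and SHA1 are listed in the report but are no longer collision resistant.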
