General

  • Target: 015243f1e4fa8c0eabf86ae752056e2876e50b3b67e95fa486451904d311580d.zip
  • Size: 62KB
  • Sample: 211021-ljcbsaaah8
  • MD5: 6bb9b54d07db35ce1be0504affe9afaf
  • SHA1: dc35a65a7859832a3aa3f84fdb8e7bf9928eea9e
  • SHA256: 8db9831a38c8a354c63e77e93e0c8324f09a5fbf6ad75fbbebcb2a636eacee07
  • SHA512: 4a653e0df95f3257b05120221fc037fdae81d3f135bebd60754a42e4eca9d29b88f51e2c125c9695843d05262c3449f1ef7c22c0184c97fa6c8fb10d97ef496d

Malware Config

Extracted

  • Family: icedid
  • C2:
    carztesla.xyz
    greejoin.xyz

Targets

    • Target: 015243f1e4fa8c0eabf86ae752056e2876e50b3b67e95fa486451904d311580d
    • Size: 187KB
    • MD5: 90df835e11f0cd049fafb69cbd1ef997
    • SHA1: cd6bb3c33f603e0ee17924fa8a31e2daeca35fad
    • SHA256: 015243f1e4fa8c0eabf86ae752056e2876e50b3b67e95fa486451904d311580d
    • SHA512: c524ab538324d9891cb425b2d5b0ccd723db76ed6a1144f321bafdff850d96932f2a8e33f7c32f686efff8ee1abbbfc3e25cf0fb0a0da7a6e9b076945fb3e7e9

    • IcedID, BokBot
      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
