General

  • Target

    29A0.dll

  • Size

    74KB

  • Sample

    211112-p1rpksdea4

  • MD5

    3766ceff9fad0d5ccd13b060ca5269bb

  • SHA1

    8fc8b51db082bc0a34c6088322a070578fb4fb21

  • SHA256

    d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58

  • SHA512

    e132814c710195b9993331e9108b08aefe1e0a68572128509329e6747c3c948ebb8d52903b113ebb82a5868d66a0f282c116e05a61fd5c57c09447a8f235a105

Malware Config

Extracted

Family

icedid

Botnet

1217670233

C2

lakogrefop.rest

hangetilin.top

follytresh.co

zojecurf.store

Attributes
  • auth_var

    14

  • url_path

    /posts/

Targets

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

2
T1060

Defense Evasion

Modify Registry

1
T1112

Discovery

Query Registry

1
T1012

System Information Discovery

1
T1082

Tasks