General

  • Target: data.dll
  • Size: 216KB
  • Sample: 211216-ebwbcsbbd7
  • MD5: d721faf1c9c2c602ba55f8040eefc6b0
  • SHA1: 0ff4a6a21c797620dd603d59c8e7fb2a1db7100f
  • SHA256: b71f914f40d146462cafac5f360f816d59366be377268b33d0d4688917950223
  • SHA512: 534731bf935aaa9c957e71e2e7aeecaa5fe0a9ed68ef09ae5c1d4af1e31fc22c643bf4682fb33114647a7f5f0f28cdd8b0eb237b45e2c219afbda7864e511be5

Malware Config

Extracted

  • Family: icedid
  • Campaign: 971270730
  • C2: hdgravity.com

Targets

  • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tactic columns shown in the report: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation.