General

  • Target

    3.dll

  • Size

    569KB

  • Sample

    220210-mteekaghgk

  • MD5

    eda4e741af2c0316ee18ad2651059d92

  • SHA1

    5bd12244ddb2e6fde14bc67a66ef8d287e37a0d1

  • SHA256

    50165bf93643c3ee448eb480217442f19567918b7ea98722bb404e7fea558a2b

  • SHA512

    6268417a843c9a815fa49c1ed41a8736669f4ad47314a84b67c8eb70843b041b8925b839ec557315f576e603c8bef63664c7ac0d3fc06378a13d7c8f09489d55

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    3825802847

  • C2

    cleverballs.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

MITRE ATT&CK Matrix ATT&CK v6

Discovery

  • Query Registry (T1012): 1

  • System Information Discovery (T1082): 1