General

  • Target

    a86b7e73861ba7f89ecba4428164d5619e6c2dd1fbc81e00bccd94041da80090

  • Size

    490KB

  • Sample

    220221-lss1wsaher

  • MD5

    1d9e2adae0f28431546fb491a6a83fab

  • SHA1

    db8818bc7573fb9d5ad8f3c49d3f35b4e6ea3baa

  • SHA256

    a86b7e73861ba7f89ecba4428164d5619e6c2dd1fbc81e00bccd94041da80090

  • SHA512

    6dd340ca0e4560fc83ae9bd89bfc83937ad0b872f3100a269c1c1bc234482fe4f627db0bd222e41ccaad81e491558496233839908c9ad152e51d93b456d13ef3

Malware Config

Extracted

Family

icedid

Campaign

3467965077

C2

firenicatrible.com

Targets

    • Target

      a86b7e73861ba7f89ecba4428164d5619e6c2dd1fbc81e00bccd94041da80090

    • Size

      490KB

    • MD5

      1d9e2adae0f28431546fb491a6a83fab

    • SHA1

      db8818bc7573fb9d5ad8f3c49d3f35b4e6ea3baa

    • SHA256

      a86b7e73861ba7f89ecba4428164d5619e6c2dd1fbc81e00bccd94041da80090

    • SHA512

      6dd340ca0e4560fc83ae9bd89bfc83937ad0b872f3100a269c1c1bc234482fe4f627db0bd222e41ccaad81e491558496233839908c9ad152e51d93b456d13ef3

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a banking trojan, first observed in 2017, that steals credentials through web injects and is also used as a loader for follow-on payloads.

    • suricata: ET MALWARE Win32/IcedID Request Cookie
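The indicators above (the extracted C2 domain, the campaign ID and the file hashes) are only useful once they are turned into a sweep. The following is an added example, not part of the report or of any sandbox tooling: it hashes files in one pass and compares them against the report's digests, and it scans DNS query-log lines for the C2 domain and its subdomains. The query-log layout is an assumed, simplified BIND-style format, the log lines are constructed for this example, and the function names are mine.

```python
"""IOC sweep built from the indicators in the IcedID report above (added example)."""
import hashlib
import re
import sys

# Indicators copied from the report above.
REPORT_IOCS = {
    "family": "icedid",
    "campaign": "3467965077",
    "c2_domains": {"firenicatrible.com"},
    "hashes": {
        "md5": "1d9e2adae0f28431546fb491a6a83fab",
        "sha1": "db8818bc7573fb9d5ad8f3c49d3f35b4e6ea3baa",
        "sha256": "a86b7e73861ba7f89ecba4428164d5619e6c2dd1fbc81e00bccd94041da80090",
        "sha512": "6dd340ca0e4560fc83ae9bd89bfc83937ad0b872f3100a269c1c1bc234482fe4f"
                  "627db0bd222e41ccaad81e491558496233839908c9ad152e51d93b456d13ef3",
    },
}

ALGORITHMS = ("md5", "sha1", "sha256", "sha512")


def digest_stream(chunks):
    """Compute every report hash type over an iterable of byte chunks in one pass."""
    hashers = {name: hashlib.new(name) for name in ALGORITHMS}
    for chunk in chunks:
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path, chunk_size=1 << 20):
    """Hash a file without loading it fully into memory."""
    with open(path, "rb") as fh:
        return digest_stream(iter(lambda: fh.read(chunk_size), b""))


def match_hashes(digests, iocs=REPORT_IOCS):
    """Return the algorithms whose digest equals the report's value (empty list = no match)."""
    return sorted(alg for alg, value in iocs["hashes"].items()
                  if digests.get(alg, "").lower() == value.lower())


def domain_matches(qname, c2_domains=REPORT_IOCS["c2_domains"]):
    """True if qname is a C2 domain or a subdomain of one.

    Case-insensitive, tolerates a trailing dot, and does not match
    look-alikes such as 'notfirenicatrible.com'.
    """
    name = qname.lower().rstrip(".")
    return any(name == c2 or name.endswith("." + c2) for c2 in c2_domains)


# Assumed simplified BIND-style query-log layout (not a real captured log).
QUERY_LOG_RE = re.compile(
    r"client (?P<client>\S+?)#\d+: query: (?P<qname>\S+) IN (?P<qtype>\S+)")


def scan_dns_log(lines, iocs=REPORT_IOCS):
    """Return one finding per query for the C2 domain, tagged with the campaign ID."""
    findings = []
    for line in lines:
        m = QUERY_LOG_RE.search(line)
        if m and domain_matches(m.group("qname"), iocs["c2_domains"]):
            findings.append({
                "client": m.group("client"),
                "qname": m.group("qname").lower().rstrip("."),
                "family": iocs["family"],
                "campaign": iocs["campaign"],
            })
    return findings


# Constructed sample log lines for this example.
SAMPLE_DNS_LOG = [
    "21-Feb-2022 10:15:02.114 client 10.0.0.23#51422: query: firenicatrible.com IN A +",
    "21-Feb-2022 10:15:03.201 client 10.0.0.23#51423: query: www.example.com IN A +",
    "21-Feb-2022 10:15:09.557 client 10.0.0.45#53011: query: cdn.FireNicaTrible.com. IN A +",
    "21-Feb-2022 10:15:11.003 client 10.0.0.45#53012: query: notfirenicatrible.com IN A +",
]

if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_DNS_LOG):
        print("DNS hit:", hit)
    for path in sys.argv[1:]:
        matched = match_hashes(hash_file(path))
        print(path, "matches report on", matched if matched else "nothing")
```

Run it with file paths as arguments to check them against the report's hashes; the DNS scan runs over the constructed lines and reports two hits, both from hosts that resolved the C2 domain or a subdomain of it.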
