General

  • Target

    5367acae0dec8ceae1de5d8f617d61ab486715c0b4f9c7b5350513b021fac508

  • Size

    209KB

  • Sample

    220324-x3jqraaacq

  • MD5

    bce3f6df2481cc576f243dd2a8b46c54

  • SHA1

    c0e7211cd87ff2d7cfa40fac1f564d6081aab3ab

  • SHA256

    5367acae0dec8ceae1de5d8f617d61ab486715c0b4f9c7b5350513b021fac508

  • SHA512

    101c88d4ac961daa1ed8db10fda43f55142c69d789795a77677432f815044a66a354f44102863bd77c881c2de31a1b43164913406ac902ebe9f6e35331bf83f3

Malware Config

Extracted

Family

icedid

C2

singularitty.best

zolerasiop.club

Targets

    • Target

      5367acae0dec8ceae1de5d8f617d61ab486715c0b4f9c7b5350513b021fac508

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks