General

  • Target

    3c5af2d1412d47be0eda681eebf808155a37f4911f2f2925c4adc5c5824dea98.7z

  • Size

    180KB

  • Sample

    220417-3raxcsfhh8

  • MD5

    4913e6d77bcfc69dbc4a7ee088733637

  • SHA1

    4d16290f0bbe9235bfebc73c78414cd35d86af88

  • SHA256

    e376d9620cb6308b4d23cc9516fa1e5960270ec38b7a6cb241ea1b4c67f61f5e

  • SHA512

    6211e1437298079260a7e2df9fffd122f2b034cbe38abb8da90e5966a8bb648cf0a9da808500f417286cdbff71ae25fd2cbbe2d9b9602b8fda3e01cc9b0fbf33

Malware Config

Extracted

  • Family

    icedid

  • C2

    isolatedglobus.top

Targets

    • Target

      3c5af2d1412d47be0eda681eebf808155a37f4911f2f2925c4adc5c5824dea98

    • Size

      390KB

    • MD5

      9fd438c6e278d0349bf5ffd82fcf27ef

    • SHA1

      6ea3a0609cbbd6237e80d1513303f379e9704745

    • SHA256

      3c5af2d1412d47be0eda681eebf808155a37f4911f2f2925c4adc5c5824dea98

    • SHA512

      ae22e778c629b28ca37e5bb42a3e0bcfd89030bac8562d915cf2590926c48531c29a3225ff05caf86fd64e2db25886571df1744c5cc6abf867f83581633985d0

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID First Stage Loader

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks