General

  • Target

    1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b.zip

  • Size

    11KB

  • Sample

    220421-s83zcsbcdk

  • MD5

    3752b93e17ee18f12e1ec39e16ba18f4

  • SHA1

    774aa5f9bd59d69d44a919b760415cf00525d3ef

  • SHA256

    be11cfcc3eb2073ebfcde431616fd6ee25060fa49cb99536a56cc113faba4137

  • SHA512

    b6be1981456f842e4ad4f78f0c0d02e734825a2698c206ce3d0f8cf6cad044ddc152386fef196f90e0bae6c069d3b800b9bac59e6452002e16150b48ed7aba08

Malware Config

Extracted

Family

icedid

Campaign

468039940

C2

arelyevennot.top

Extracted

Family

icedid

Campaign

468039940

Targets

    • Target

      1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b

    • Size

      44KB

    • MD5

      7fb16c37fd6fa92377a6188c8475f0c0

    • SHA1

      c668a4df7a3f40d4128b385d33a28f17f27a6382

    • SHA256

      1a3481999d39238207c705ec7f8c73946ea992341f2715bbecb07b40faef565b

    • SHA512

      382fa394d728c1c5fbcb16ff7b7ca29898e3b71bbeb80ca5d303ed859cdf85ceca667ed974a25dd2ed463ac6c0785180024f93ade95714212efe42c17e345444

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate

    T1130 (1 occurrence)

  • Modify Registry

    T1112 (1 occurrence)

Tasks