General

  • Target

    f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016

  • Size

    460KB

  • Sample

    220427-rftdsagfb2

  • MD5

    ff96581bcf744d9ae4f9e428528a9ca6

  • SHA1

    74a17687ae18f4b353e6572eb6176f5038a73efe

  • SHA256

    f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016

  • SHA512

    ef602cf0e37ab54c2f7b388b573e05cbfd93572a5501d2ba3630a7ee108cadb78631e91ba342df45eab9c9c7c5832a94ae22576bbd53d7136a28628fd72ca13a

Malware Config

Extracted

  • Family

    icedid

  • C2

    karimorodrigo.pw

    airtopolos.best

Targets

    • Target

      f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016

    • IcedID, BokBot

IcedID (also tracked as BokBot) is a banking trojan that steals credentials and is also used as a loader for follow-on payloads; the extracted config above gives the C2 domains it was built to contact.

    • IcedID Second Stage Loader
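The indicators on this page (the sample's file hashes and the two extracted C2 domains) turned into a small IOC matcher. This is example code added here, not tooling from the sandbox or from the report; the DNS log lines and their format are constructed for the demonstration, and the sample itself is not included, so the hash check is exercised on other input. It handles the two cases that commonly cause misses in ad-hoc IOC scripts: mixed-case query names and the difference between a subdomain of a C2 domain and an unrelated name that merely contains it.

```python
"""IOC matcher for the hashes and C2 domains listed on this report page.

Example code added to the page; not the sandbox's own tooling. The DNS log
fixture and its line format are constructed for the demo (assumption).
"""
import hashlib
import re

# Indicators copied from the report above.
IOC_HASHES = {
    "md5": "ff96581bcf744d9ae4f9e428528a9ca6",
    "sha1": "74a17687ae18f4b353e6572eb6176f5038a73efe",
    "sha256": "f783ff9ae1b860902ce8ce8e084234c7fdee3b231d7b35d90300be4610d7a016",
}
IOC_C2_DOMAINS = {"karimorodrigo.pw", "airtopolos.best"}


def hash_bytes(data: bytes) -> dict:
    """Compute the three digest types the report lists for an in-memory blob."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_file(path: str) -> dict:
    """Same digests for a file on disk, read in chunks so large files are fine."""
    hashers = {k: hashlib.new(k) for k in IOC_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {k: h.hexdigest() for k, h in hashers.items()}


def matches_sample_hash(digests: dict) -> bool:
    """True if any digest equals the report's sample hashes.

    Comparison is case-insensitive because tools print hex in either case.
    """
    return any(digests.get(k, "").lower() == v for k, v in IOC_HASHES.items())


def domain_matches(name: str) -> bool:
    """True for the C2 domain itself or any subdomain of it.

    `airtopolos.best.example.org` must NOT match: the IOC is a suffix on label
    boundaries, not a substring.
    """
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in IOC_C2_DOMAINS)


# Constructed DNS query log (format is an assumption, resolver-style lines).
DNS_LOG_FIXTURE = """\
2022-04-27T11:02:13Z client 10.0.0.15 query: www.example.com A
2022-04-27T11:02:15Z client 10.0.0.15 query: karimorodrigo.pw A
2022-04-27T11:02:16Z client 10.0.0.22 query: cdn.airtopolos.best A
2022-04-27T11:02:17Z client 10.0.0.22 query: airtopolos.best.example.org A
2022-04-27T11:02:18Z client 10.0.0.31 query: AIRTOPOLOS.BEST A
"""

QUERY_RE = re.compile(r"client (?P<src>\S+) query: (?P<qname>\S+)")


def scan_dns_log(text: str) -> list:
    """Return (source_ip, queried_name) for every line whose query hits a C2 IOC."""
    hits = []
    for line in text.splitlines():
        m = QUERY_RE.search(line)
        if m and domain_matches(m.group("qname")):
            hits.append((m.group("src"), m.group("qname")))
    return hits


if __name__ == "__main__":
    for src, qname in scan_dns_log(DNS_LOG_FIXTURE):
        print(f"C2 lookup from {src}: {qname}")
    print("hash match on empty input:", matches_sample_hash(hash_bytes(b"")))
```

Run against a real resolver log by replacing `DNS_LOG_FIXTURE` with the file contents and adjusting `QUERY_RE` to that log's layout; `hash_file` gives the digests for a suspect file so `matches_sample_hash` can compare them with the values in the General section.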
