General

  • Target

    b6bd56569d28bcf8ef827744e4f12873cf37b03b6bdd30d80dbb311023efaa63

  • Size

    460KB

  • Sample

    220427-rfvxlsgfb4

  • MD5

    942cc18d855e3f25f909c8939248bff4

  • SHA1

    97757121068f9ae89c6406920610d24d77728e86

  • SHA256

    b6bd56569d28bcf8ef827744e4f12873cf37b03b6bdd30d80dbb311023efaa63

  • SHA512

    711fb420ab4e37c9eb004595ca458e821807976568e1e3fd6a475ea9fe672e303ea4d2f06b55858ae0406c313aff499986a1a7bee54c4576acfd6adfe31b8344

Malware Config

Extracted

  • Family

    icedid

  • C2

    karimorodrigo.pw

    airtopolos.best

Targets

    • Target

      b6bd56569d28bcf8ef827744e4f12873cf37b03b6bdd30d80dbb311023efaa63

    • Size

      460KB

    • MD5

      942cc18d855e3f25f909c8939248bff4

    • SHA1

      97757121068f9ae89c6406920610d24d77728e86

    • SHA256

      b6bd56569d28bcf8ef827744e4f12873cf37b03b6bdd30d80dbb311023efaa63

    • SHA512

      711fb420ab4e37c9eb004595ca458e821807976568e1e3fd6a475ea9fe672e303ea4d2f06b55858ae0406c313aff499986a1a7bee54c4576acfd6adfe31b8344

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a banking trojan capable of stealing credentials; it is also widely used as a loader for follow-on payloads. The C2 domains listed above were recovered from the configuration extracted from this sample.

    • IcedID Second Stage Loader
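The hashes and C2 domains above are the actionable output of this report. The following is an added example (not part of the sandbox report or the IcedID family) showing how to use them: the indicator values are copied from the report, while the DNS log lines, their format, and the file bytes are constructed here for illustration. Domains are matched on whole labels so that a subdomain of a C2 host is flagged but a look-alike name that merely contains the string is not.

```python
"""Added example: match sandbox-extracted IcedID indicators against local data.

Indicators (hashes and C2 domains) are copied from the report above; the
DNS log lines and the file bytes are constructed here for illustration.
"""
import hashlib
import re
from dataclasses import dataclass
from typing import Dict, List, Optional

# Indicators copied from the report.
IOC_SHA256 = {"b6bd56569d28bcf8ef827744e4f12873cf37b03b6bdd30d80dbb311023efaa63"}
IOC_MD5 = {"942cc18d855e3f25f909c8939248bff4"}
IOC_C2_DOMAINS = {"karimorodrigo.pw", "airtopolos.best"}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Return md5/sha1/sha256 hex digests of a blob (e.g. a file read in binary mode)."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def hash_matches(data: bytes) -> bool:
    """True if the blob's SHA-256 or MD5 equals one of the listed sample hashes."""
    h = hash_bytes(data)
    return h["sha256"] in IOC_SHA256 or h["md5"] in IOC_MD5


def normalize_domain(name: str) -> str:
    """Lower-case and strip the trailing dot DNS logs often keep ('Foo.BAR.' -> 'foo.bar')."""
    return name.strip().lower().rstrip(".")


def domain_matches(query: str, c2_domains=IOC_C2_DOMAINS) -> Optional[str]:
    """Return the matching C2 domain if `query` is that domain or a subdomain of it.

    A plain substring check would also flag look-alikes such as
    'notkarimorodrigo.pw', so the comparison is done on whole labels.
    """
    q = normalize_domain(query)
    for c2 in c2_domains:
        c2n = normalize_domain(c2)
        if q == c2n or q.endswith("." + c2n):
            return c2n
    return None


# Constructed DNS log lines, "<ts> <client> <qname> <qtype>" (not from the report).
SAMPLE_DNS_LOG = """\
2022-04-27T10:01:02Z 10.0.0.12 www.example.com A
2022-04-27T10:01:05Z 10.0.0.12 KARIMORODRIGO.PW. A
2022-04-27T10:01:09Z 10.0.0.31 cdn.airtopolos.best A
2022-04-27T10:01:11Z 10.0.0.31 notkarimorodrigo.pw A
"""

LOG_RE = re.compile(r"^(\S+)\s+(\S+)\s+(\S+)\s+(\S+)$")


@dataclass(frozen=True)
class Hit:
    timestamp: str
    client: str
    qname: str
    ioc: str


def scan_dns_log(text: str) -> List[Hit]:
    """Return one Hit per log line whose query name is a listed C2 domain or a subdomain of one."""
    hits: List[Hit] = []
    for line in text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not fit the constructed format
        ts, client, qname, _qtype = m.groups()
        ioc = domain_matches(qname)
        if ioc:
            hits.append(Hit(ts, client, qname, ioc))
    return hits


if __name__ == "__main__":
    for hit in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"{hit.timestamp} {hit.client} queried {hit.qname} -> C2 {hit.ioc}")
    # A constructed blob cannot reproduce the real sample's hashes.
    print("constructed blob matches sample hash:", hash_matches(b"not the real sample"))
```

Running the block flags the two constructed queries for KARIMORODRIGO.PW. and cdn.airtopolos.best and ignores www.example.com and the look-alike notkarimorodrigo.pw; the hash check is shown on a constructed blob only, since the real 460KB sample is not embedded here.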
