Overview

overview

10

Static

static

4a76a28498b7f3...36.dll

windows7_x64

10

4a76a28498b7f3...36.dll

windows10-2004_x64

10
General
Target

4a76a28498b7f391cdc2be73124b4225497232540247ca3662abd9ab2210be36

Size

147KB

Sample

220428-ynqq7acbbl

Score
10/10
MD5

4a6ceabb2ce1b486398c254a5503b792

SHA1

08a1c43bd1c63bbea864133d2923755aa2f74440

SHA256

4a76a28498b7f391cdc2be73124b4225497232540247ca3662abd9ab2210be36

SHA512

a7266dbfee0689fe9386686a6f892055fffb15f5c11e77bf6591ded82a00b884da9b13ce5a7f29c827ae91018d9f7e71e2e6abb99050da3419154ae1edf77394

Malware Config

Extracted

Family

icedid
Campaign

3529509686
C2

oceriesfornot.top
Targets
Target

4a76a28498b7f391cdc2be73124b4225497232540247ca3662abd9ab2210be36

MD5

4a6ceabb2ce1b486398c254a5503b792

Filesize

147KB

Score
10/10
SHA1

08a1c43bd1c63bbea864133d2923755aa2f74440

SHA256

4a76a28498b7f391cdc2be73124b4225497232540247ca3662abd9ab2210be36

SHA512

a7266dbfee0689fe9386686a6f892055fffb15f5c11e77bf6591ded82a00b884da9b13ce5a7f29c827ae91018d9f7e71e2e6abb99050da3419154ae1edf77394

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

Related Tasks

behavioral1behavioral2
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          Score
                          N/A

                          behavioral1

                          Score
                          10/10

                          behavioral2

                          Score
                          10/10