General

Target: 75285d458acf88653c455a1adf63c2bb9a80b74484d38d02f3cd45f99cd14d50
Size: 104KB
Sample: 220502-s3k7csahbp
Score: 10/10
MD5: 1f1a05263fe052e690a783a6829b6e55
SHA1: 123b5174e61a8db9d24e32edc83079e08a572fe9
SHA256: 75285d458acf88653c455a1adf63c2bb9a80b74484d38d02f3cd45f99cd14d50
SHA512: a03a1edd22d01427bdd3671ff125346adca8ba4da95a65121bf00a636d26458f069322ee1138602c4a6c5f0135aca464ace74f5b9406f6ccad201e35cc6e7195

Malware Config

Extracted
Family: icedid
C2: whiskeybravo.xyz


Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.
  • IcedID First Stage Loader
  • Blocklisted process makes network request

Tasks

  • static1 (Score: N/A)
  • behavioral1 (Score: 10/10)
  • behavioral2 (Score: 10/10)