Overview

overview

10

Static

static

b6b31cca984d64...b0.dll

windows7_x64

10

b6b31cca984d64...b0.dll

windows10-2004_x64

10
General
Target

b6b31cca984d64c13dac5c4fbdd1a13217cb628843718926b4447ff7d14471b0

Size

277KB

Sample

220503-am65safgbp

Score
10/10
MD5

0af2557a722f8a703f5d2944690aa2b6

SHA1

9a9334d0c42b9a78a0a9e67d87ef4a5dcc839755

SHA256

b6b31cca984d64c13dac5c4fbdd1a13217cb628843718926b4447ff7d14471b0

SHA512

43565af0596fed1b63f7c62f4adead0d7b54d0ae8d641a89860d63bbeaf8c9bb010fb9630e6e11a665a53c2dc36bc65308dbe05a7e4ae9822240c921b36e88dd

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid
Botnet

951045417
C2

nazamoskaotp.xyz

49vodysf.club
Attributes
auth_var
1
url_path
/audio/
Targets
Target

b6b31cca984d64c13dac5c4fbdd1a13217cb628843718926b4447ff7d14471b0

MD5

0af2557a722f8a703f5d2944690aa2b6

Filesize

277KB

Score
10/10
SHA1

9a9334d0c42b9a78a0a9e67d87ef4a5dcc839755

SHA256

b6b31cca984d64c13dac5c4fbdd1a13217cb628843718926b4447ff7d14471b0

SHA512

43565af0596fed1b63f7c62f4adead0d7b54d0ae8d641a89860d63bbeaf8c9bb010fb9630e6e11a665a53c2dc36bc65308dbe05a7e4ae9822240c921b36e88dd

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID Second Stage Loader

    Tags

Related Tasks

behavioral1behavioral2
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          Score
                          N/A

                          behavioral1

                          Score
                          10/10

                          behavioral2

                          Score
                          10/10