General

Target: a2eac98f26c51e5dcdf78e707098297de8564d73200341512ad71cf9a3f7bbab
Size: 278KB
Sample: 220503-angxaadcc7
Score: 10/10
MD5: 81726d9479ed369c2477144116123ae7
SHA1: 014225d2e82587f4d34fe7e9adec6f0b9d9adb49
SHA256: a2eac98f26c51e5dcdf78e707098297de8564d73200341512ad71cf9a3f7bbab
SHA512: 9b1b795dc53e9895f8c47a50c4aaf6e9f68c3636546735e634e6b6b758625d2d930bf571bd087a79ba4db48f9a111daf7dbabfa03aa8d7b69589da01edfd1aec

Malware Config

Extracted
Family: icedid
Botnet: 2398486359
C2: kravynolu.cyou, nikushotomo.cyou
Attributes: auth_var = 1; url_path = /audio/

Extracted
Family: icedid

Targets

Target: a2eac98f26c51e5dcdf78e707098297de8564d73200341512ad71cf9a3f7bbab

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tactic columns (no techniques listed on this page): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10