Overview

overview

10

Static

static

b1e473787e82c4...48.exe

windows7_x64

10

b1e473787e82c4...48.exe

windows10-2004_x64

10
General
Target

b1e473787e82c494ef932d2944554f5343290517c763fda92f70680ad565a148

Size

301KB

Sample

220503-sanrsacbcq

Score
10/10
MD5

8525a9c8d2713d68dd55fbeaebc09a0d

SHA1

623df8a88a48ac8c902317deb7987c474a00a22d

SHA256

b1e473787e82c494ef932d2944554f5343290517c763fda92f70680ad565a148

SHA512

a785d81514d6bf8a8b0100b459804fd3e39b1edf263d0bd519fc5c37206005c3b5dd6ff9e7ab043c500f62427faca3cfcea0f29ea754e2126895c110a19d4a8f

Malware Config

Extracted

Family

icedid
C2

lookatnice.top

littyfahren.club
Targets
Target

b1e473787e82c494ef932d2944554f5343290517c763fda92f70680ad565a148

MD5

8525a9c8d2713d68dd55fbeaebc09a0d

Filesize

301KB

Score
10/10
SHA1

623df8a88a48ac8c902317deb7987c474a00a22d

SHA256

b1e473787e82c494ef932d2944554f5343290517c763fda92f70680ad565a148

SHA512

a785d81514d6bf8a8b0100b459804fd3e39b1edf263d0bd519fc5c37206005c3b5dd6ff9e7ab043c500f62427faca3cfcea0f29ea754e2126895c110a19d4a8f

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID Second Stage Loader

    Tags

Related Tasks

behavioral1behavioral2
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          Score
                          N/A

                          behavioral1

                          Score
                          10/10

                          behavioral2

                          Score
                          10/10