Resubmissions

04-05-2022 07:03

220504-hvm1wadca2 10

03-05-2022 20:59

220503-zsw97sceg2 10

General

  • Target

    f95a8ceb27ce17f5d159d75690fcb1628bf9528331aef2ffe3dac02712b67e48

  • Size

    148KB

  • Sample

    220504-hvm1wadca2

  • MD5

    bd9df65ccb0f5dda832c56979a33929f

  • SHA1

    bccdaeef6f5185f8c41f9feafc743f7a5b56ed14

  • SHA256

    f95a8ceb27ce17f5d159d75690fcb1628bf9528331aef2ffe3dac02712b67e48

  • SHA512

    ab378d7910c16899f4ede8c12555d629ce4412d68ad7f1cda6e4b88f827b9f44d2438336c3db51b7705146d5ea852961dbe488281f83e4dc0faa7e67ef3af3f1

Malware Config

Extracted

Family

icedid

Botnet

1076950734

C2

justiceminister.best

fivejudgescatholic.cyou

Attributes
  • auth_var

    3

  • url_path

    /audio/

Extracted

Family

icedid

Targets

    • Target

      f95a8ceb27ce17f5d159d75690fcb1628bf9528331aef2ffe3dac02712b67e48

    • Size

      148KB

    • MD5

      bd9df65ccb0f5dda832c56979a33929f

    • SHA1

      bccdaeef6f5185f8c41f9feafc743f7a5b56ed14

    • SHA256

      f95a8ceb27ce17f5d159d75690fcb1628bf9528331aef2ffe3dac02712b67e48

    • SHA512

      ab378d7910c16899f4ede8c12555d629ce4412d68ad7f1cda6e4b88f827b9f44d2438336c3db51b7705146d5ea852961dbe488281f83e4dc0faa7e67ef3af3f1

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks