General

Target: 40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507
Size: 287KB
Sample: 220507-1he4lsabak
Score: 10/10
MD5: 283001766ef46c1740ee882afcdbfdca
SHA1: 8ebeed9b7f198979a4700a0f406050c1d32d3c2d
SHA256: 40383cb8cf53f8b9baa508c7e5a7872121d84832131a77107e997cece72e9507
SHA512: bf3cc6e35c3347ce631bf25a2d9499a02e1fb8449784ecfbf0e6d84433262c33a3e53c79f6f1b22d44bfc6449050488db28840580f6450acf1591edaa47f863d

Malware Config (Extracted)

Family: icedid
C2: loadpascal.asia

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Blocklisted process makes network request

Tasks

  • static1: Score N/A
  • behavioral1: Score 10/10
  • behavioral2: Score 10/10