General

Target: 4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e
Size: 228KB
Sample: 220507-zg39daead3
Score: 10/10
MD5: 0a79f532b330c5f43f00dbbbb6c7d5ad
SHA1: e0d275dbc665ba716b3fbdfa0eb22989df2a32a8
SHA256: 4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e
SHA512: f2c8252f21b81109c6ed5af4390f72b902318d0d70f9323f810c9361e389bb56743edcf2e4824375e3867573b29fa83902c45e077352480c12023907d3bdea8b

Malware Config

Extracted
Family: icedid
Botnet: 3890424169
C2: fasederro.site
C2: delemano.online
Attributes:
  auth_var: 3
  url_path: /audio/

Extracted
Family: icedid

Targets
Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID Second Stage Loader
MITRE ATT&CK Matrix

Tactic columns (Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation): no techniques listed.

Tasks

static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10