General

  • Target

    4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e

  • Size

    228KB

  • Sample

    220507-zg39daead3

  • MD5

    0a79f532b330c5f43f00dbbbb6c7d5ad

  • SHA1

    e0d275dbc665ba716b3fbdfa0eb22989df2a32a8

  • SHA256

    4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e

  • SHA512

    f2c8252f21b81109c6ed5af4390f72b902318d0d70f9323f810c9361e389bb56743edcf2e4824375e3867573b29fa83902c45e077352480c12023907d3bdea8b

Malware Config

Extracted

Family

icedid

Botnet

3890424169

C2

fasederro.site

delemano.online

Attributes

  • auth_var

    3

  • url_path

    /audio/

Extracted

Family

icedid

Targets

    • Target

      4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e

    • Size

      228KB

    • MD5

      0a79f532b330c5f43f00dbbbb6c7d5ad

    • SHA1

      e0d275dbc665ba716b3fbdfa0eb22989df2a32a8

    • SHA256

      4687a29d6a32a3933c8240f0d5b8cff85a8644b6988bc6a16adf848a4e8e212e

    • SHA512

      f2c8252f21b81109c6ed5af4390f72b902318d0d70f9323f810c9361e389bb56743edcf2e4824375e3867573b29fa83902c45e077352480c12023907d3bdea8b

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks