5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842

General

Target: 5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
Size: 178KB
Sample: 220508-2p1vbshga9
Score: 10/10
MD5: 86d0e40388b95885abe8ccbf93fc8f33
SHA1: 521367f26ecf38f473ec4ba175dca4b6859aa5ba
SHA256: 5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
SHA512: 1dfdf0a7cf203b3fe1fdaa5fc6e73bb8d7505b525924083ded9e51f46841fe144482b16d34c0482bb7ac6332fa1903a599d87c64b6db72d7bb27c742ac629a3b

Malware Config

Extracted
Family: icedid
C2: qapoloki.cyou

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Blocklisted process makes network request

Related Tasks

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10