c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9

General

Target: c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
Size: 186KB
Sample: 220508-2p62cahgb4
Score: 10/10
MD5: 117704e30859c562e861b640332d7cdd
SHA1: 820c3d83acd046388f8e51f55ec57259f0d1d578
SHA256: c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
SHA512: 947cc9abd677892d9494a5f6902b6c0ac7b32c8749511c57ff0d4731ecb40fbf2e89f17739b51a2006ff9bd01d5732533059bf89359107afc732e42f885c1d8a

Malware Config

Extracted
Family: icedid
C2: vernerfonbraun.pw

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.
  • IcedID First Stage Loader
  • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tactics: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral1: 10/10
behavioral2: 10/10