c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890

General

Target: c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
Size: 186KB
Sample: 220508-2p6etacegl
Score: 10/10
MD5: b3a50b17c5df922ec4a1c3019c33b9c5
SHA1: 3b186a01d4a8ccc905f08b0672f32a705ae8d036
SHA256: c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
SHA512: 26c0814015940ebc605aae2ed96d7d77d761613451ffb8c9da8cc3f12319800574136368044d1e1f8875fab12e9c62f8bb134e4db29b581763d30547890bbce1

Malware Config

Extracted
Family: icedid
C2: vernerfonbraun.pw

Targets

Target: c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890

Signatures

  • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
  • IcedID First Stage Loader
  • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation
Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10