48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6

General
Target

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6

Size

186KB

Sample

220508-2p7b4scegm

Score
10 /10
MD5

70c7108b898eb8b6c058a7c8c2994f96

SHA1

1ecc6f1a3f069588c2b25bf130587a0e67bf0997

SHA256

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6

SHA512

a52afc3fc1bdb105ba8667bd277bb4a61f942ac9cf8fd14d128cbd971124491cac7b7066fbafac5ad7b8a090264c817842b4ff97bfadb411cf1b9ae629487ab2

Malware Config

Extracted

Family icedid
C2

vernerfonbraun.pw

Targets
Target

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6

MD5

70c7108b898eb8b6c058a7c8c2994f96

Filesize

186KB

Score
10/10
SHA1

1ecc6f1a3f069588c2b25bf130587a0e67bf0997

SHA256

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6

SHA512

a52afc3fc1bdb105ba8667bd277bb4a61f942ac9cf8fd14d128cbd971124491cac7b7066fbafac5ad7b8a090264c817842b4ff97bfadb411cf1b9ae629487ab2

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID First Stage Loader

    Tags

  • Blocklisted process makes network request

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          behavioral1

                          10/10

                          behavioral2

                          10/10