Overview

overview

10

Static

static

c426b5f9a39e2e...50.exe

windows7_x64

10

c426b5f9a39e2e...50.exe

windows10-2004_x64

10
General
Target

c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050

Size

228KB

Sample

220508-hg7s5ahga3

Score
10/10
MD5

e5eacbe6e8b732c14a651fe45e9924a4

SHA1

85e6e11c0a12a4bc3d7b5ba76791fa9eea4ea1ec

SHA256

c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050

SHA512

d42fd09d58adec8528ddb1fd6243b55b74983f4ecc463bd02f4cdb6aaa5570d9de331e7c2b078055be92588fe30d17eeced62aafbf50e1b6683e0db663c25760

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid
Botnet

3940132575
C2

besitxavier.best

nazifestivo.best
Attributes
auth_var
2
url_path
/audio/
Targets
Target

c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050

MD5

e5eacbe6e8b732c14a651fe45e9924a4

Filesize

228KB

Score
10/10
SHA1

85e6e11c0a12a4bc3d7b5ba76791fa9eea4ea1ec

SHA256

c426b5f9a39e2e9d46c3074fc973e9d01fdfbf4f96870b624606e02233b08050

SHA512

d42fd09d58adec8528ddb1fd6243b55b74983f4ecc463bd02f4cdb6aaa5570d9de331e7c2b078055be92588fe30d17eeced62aafbf50e1b6683e0db663c25760

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID Second Stage Loader

    Tags

Related Tasks

behavioral1behavioral2
MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          Score
                          N/A

                          behavioral1

                          Score
                          10/10

                          behavioral2

                          Score
                          10/10