General
Target

a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

Size

268KB

Sample

220508-t6lgzafecn

Score
10/10
MD5

a708a9b2a5430ce8e284ca556586a866

SHA1

67f49fcf77d7e0229a7348129eec09e4911329e1

SHA256

a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

SHA512

3fb899d3c4278052861a55b81c3229d7eac09c8b80082fe6bb2d9be404fbc83b6809050b6d00359b66a2c8f0d74665a4b8afe648bd0980eefba48348593967fb

Malware Config

Extracted

Family

icedid

Botnet

22672422

C2

eastzrada.club

feder5ru.club

adwerife.cyou

proanaliz.top

vzaimrazv.cyou

pipulosha.cyou

Attributes
auth_var
5
url_path
/audio/

Extracted

Family

icedid

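The extracted config above (six C2 domains and the `url_path` attribute `/audio/`) is the part of this report a defender can act on directly. The script below is an added example, not part of the sandbox output, showing how to turn those indicators into a simple sweep over DNS and HTTP logs. The log lines and their tab-separated layout (a minimal Zeek-style `dns.log` / `http.log`) are constructed for illustration, and the fact that a C2 hostname match is treated as high confidence while a bare `/audio/` path is only surfaced for hunting is a design choice of the example, not something the report states.

```python
"""Match the IcedID indicators from the extracted config against log lines.

Added example for this report; not part of the sandbox output. The sample
logs below are constructed, and the field layout (tab-separated Zeek-style
dns.log / http.log) is an assumption.
"""
from dataclasses import dataclass
from typing import Iterable, List

# Indicators copied from the extracted config on this page.
C2_DOMAINS = {
    "eastzrada.club",
    "feder5ru.club",
    "adwerife.cyou",
    "proanaliz.top",
    "vzaimrazv.cyou",
    "pipulosha.cyou",
}
URL_PATH = "/audio/"


@dataclass
class Hit:
    line_no: int
    kind: str      # "dns", "http-c2" or "http-path-only"
    detail: str


def _domain_matches(name: str) -> bool:
    """True if name is a C2 domain or a subdomain of one.

    Case-insensitive; a trailing dot (as DNS logs often carry) is tolerated.
    """
    name = name.lower().rstrip(".")
    return any(name == d or name.endswith("." + d) for d in C2_DOMAINS)


def scan_dns(lines: Iterable[str]) -> List[Hit]:
    """Constructed dns.log layout: ts, src_ip, query, answer (tab-separated)."""
    hits: List[Hit] = []
    for n, line in enumerate(lines, 1):
        parts = line.rstrip("\n").split("\t")
        if len(parts) < 3:
            continue
        if _domain_matches(parts[2]):
            hits.append(Hit(n, "dns", f"{parts[1]} queried {parts[2]}"))
    return hits


def scan_http(lines: Iterable[str]) -> List[Hit]:
    """Constructed http.log layout: ts, src_ip, host, method, uri (tab-separated).

    A request to a known C2 host is a high-confidence hit. A request whose
    path starts with the configured url_path but goes to an unknown host is
    reported separately: "/audio/" on its own is far too common to alert on,
    but it is worth a look once the same source also has a C2 hit.
    """
    hits: List[Hit] = []
    for n, line in enumerate(lines, 1):
        parts = line.rstrip("\n").split("\t")
        if len(parts) < 5:
            continue
        _ts, src, host, method, uri = parts[:5]
        if _domain_matches(host):
            hits.append(Hit(n, "http-c2", f"{src} {method} {host}{uri}"))
        elif uri.startswith(URL_PATH):
            hits.append(Hit(n, "http-path-only", f"{src} {method} {host}{uri}"))
    return hits


# Constructed sample logs (not taken from the sandbox run).
SAMPLE_DNS = [
    "1652000001.1\t10.0.0.5\twww.example.com\t93.184.216.34",
    "1652000002.2\t10.0.0.5\teastzrada.club\t203.0.113.10",
    "1652000003.3\t10.0.0.7\tcdn.PIPULOSHA.cyou.\t203.0.113.11",
]
SAMPLE_HTTP = [
    "1652000004.4\t10.0.0.5\teastzrada.club\tGET\t/audio/",
    "1652000005.5\t10.0.0.9\tmusic.example.net\tGET\t/audio/track.mp3",
    "1652000006.6\t10.0.0.5\tproanaliz.top\tPOST\t/audio/",
    "1652000007.7\t10.0.0.9\twww.example.com\tGET\t/index.html",
]


def run() -> dict:
    """Scan the constructed logs and summarise which sources need triage."""
    dns_hits = scan_dns(SAMPLE_DNS)
    http_hits = scan_http(SAMPLE_HTTP)
    high = [h for h in dns_hits + http_hits if h.kind != "http-path-only"]
    return {
        "dns": dns_hits,
        "http": http_hits,
        "high_confidence_sources": sorted({h.detail.split()[0] for h in high}),
    }


if __name__ == "__main__":
    result = run()
    for h in result["dns"] + result["http"]:
        print(f"line {h.line_no}: {h.kind}: {h.detail}")
    print("triage:", result["high_confidence_sources"])
```

Subdomain matching matters because loaders of this kind routinely prepend labels to their configured domains; matching the exact string only would miss `cdn.pipulosha.cyou`. Swap the constructed lists for real log files and the same two functions apply unchanged.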
Targets
Target

a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

MD5

a708a9b2a5430ce8e284ca556586a866

Filesize

268KB

Score
10/10
SHA1

67f49fcf77d7e0229a7348129eec09e4911329e1

SHA256

a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

SHA512

3fb899d3c4278052861a55b81c3229d7eac09c8b80082fe6bb2d9be404fbc83b6809050b6d00359b66a2c8f0d74665a4b8afe648bd0980eefba48348593967fb

Signatures

  • IcedID, BokBot

    Description

    IcedID (also tracked as BokBot) is a banking trojan that steals credentials and also acts as a loader for follow-on payloads.

  • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tactic columns (no techniques are mapped on this page): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

Score
N/A

behavioral1

Score
10/10

behavioral2

Score
10/10