General

  • Target

    a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

  • Size

    268KB

  • Sample

    220508-t6lgzafecn

  • MD5

    a708a9b2a5430ce8e284ca556586a866

  • SHA1

    67f49fcf77d7e0229a7348129eec09e4911329e1

  • SHA256

    a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

  • SHA512

    3fb899d3c4278052861a55b81c3229d7eac09c8b80082fe6bb2d9be404fbc83b6809050b6d00359b66a2c8f0d74665a4b8afe648bd0980eefba48348593967fb

Malware Config

Extracted

Family

icedid

Botnet

22672422

C2

eastzrada.club

feder5ru.club

adwerife.cyou

proanaliz.top

vzaimrazv.cyou

pipulosha.cyou

Attributes
  • auth_var

    5

  • url_path

    /audio/

Extracted

Family

icedid

Targets

    • Target

      a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

    • Size

      268KB

    • MD5

      a708a9b2a5430ce8e284ca556586a866

    • SHA1

      67f49fcf77d7e0229a7348129eec09e4911329e1

    • SHA256

      a2e5a2c63648d6e8c54a7baac4fb0bc557aa0c8a7ab59dceafb076530f2dd26f

    • SHA512

      3fb899d3c4278052861a55b81c3229d7eac09c8b80082fe6bb2d9be404fbc83b6809050b6d00359b66a2c8f0d74665a4b8afe648bd0980eefba48348593967fb

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks