66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6

General
Target

66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6

Size

304KB

Sample

220508-t6m1ssfecq

Score
10/10
MD5

8b294b6025af7d8a90b69d304156f5cc

SHA1

b0d0ea067cc3700eb794762c1a3c3930a423a77c

SHA256

66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6

SHA512

d196328a02c456b40149d51cfc733c8f2946cd1522d7d688c9d21ba48f92f586d0cb3b6a5557d710a959b696e490668e4f5fac2d5390f4c774334512f5686d56

Malware Config

Extracted

Family icedid
Botnet 1453255761
C2

startluna.club

lunat.top

Attributes
auth_var
3
url_path
/audio/

Extracted

Family icedid
Targets
Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

  • IcedID Second Stage Loader

MITRE ATT&CK Matrix
Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1