General

Target: 9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4
Size: 287KB
Sample: 220508-tc9byaeden
Score: 10/10
MD5: 42084df2d562de3df92ac9ac107759d8
SHA1: d34ef216eba035a681d8adca3698e9b1993aa17b
SHA256: 9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4
SHA512: 0552a9e5ce8ffe014008df75d365d9703eb9c7dc3d6c0793ad31430b2b25d1c817ade4427914f2a228cae739143710fd7333521c73d971b1047e0d3719fea35a

Malware Config

Extracted
Family: icedid
C2: loadpascal.asia

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1: Score N/A
behavioral1: Score 10/10
behavioral2: Score 10/10