General
Target

2443e2650a14ab28210e18bdb906646279a03799edace5d2cb648eef2b179842

Size

287KB

Sample

220508-tc9ygaedep

Score
10/10
MD5

ae52c1b6b07abf7ebdc21931f23fa50c

SHA1

0bd8e7d5f59dec11839420cb0efa194b7029fd54

SHA256

2443e2650a14ab28210e18bdb906646279a03799edace5d2cb648eef2b179842

SHA512

fa9ecc0dee08106858565d67649e4f53659a751eff15db4344ca1a17c8969401467569f5df202975fd000d3af8e1cb6dcfc21ffaf96b078dcc2028d3cf29473c

Malware Config

Extracted

Family

icedid

C2

loadpascal.asia

Targets
Target

2443e2650a14ab28210e18bdb906646279a03799edace5d2cb648eef2b179842

MD5

ae52c1b6b07abf7ebdc21931f23fa50c

Filesize

287KB

Score
10/10
SHA1

0bd8e7d5f59dec11839420cb0efa194b7029fd54

SHA256

2443e2650a14ab28210e18bdb906646279a03799edace5d2cb648eef2b179842

SHA512

fa9ecc0dee08106858565d67649e4f53659a751eff15db4344ca1a17c8969401467569f5df202975fd000d3af8e1cb6dcfc21ffaf96b078dcc2028d3cf29473c

Tags

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID First Stage Loader

    Tags

  • Blocklisted process makes network request

Related Tasks

MITRE ATT&CK Matrix
Collection
    Command and Control
      Credential Access
        Defense Evasion
          Discovery
            Execution
              Exfiltration
                Impact
                  Initial Access
                    Lateral Movement
                      Persistence
                        Privilege Escalation
                          Tasks

                          static1

                          Score
                          N/A

                          behavioral1

                          Score
                          10/10

                          behavioral2

                          Score
                          10/10