General

  • Target

    3cbc08dc4f11379f6e080a7b6dad3e2f7c53202e08f461100f4ce4f5b869811a_unpacked

  • Size

    13KB

  • Sample

    220511-gh1krsfgh8

  • MD5

    f425f1defd562e22a3a62fb5bc141cb1

  • SHA1

    d7bfce77cad7d605e35538c2501a522015e3e3c2

  • SHA256

    63770070208c532df8a7d41a391faff7c5280814bebd13b0b935f0fa80fc8e27

  • SHA512

    693385bea3207cb2d3eaca0b57c46f70e9ded1b9abc1dc490cee0ca63921abcb37ae95f9b2023e00acbc754cbff781632dccba0629efd8141642e6818d3d354a

Malware Config

Extracted

Family

icedid

Campaign

3000901376

C2

yolneanz.com

Targets

    • Target

      3cbc08dc4f11379f6e080a7b6dad3e2f7c53202e08f461100f4ce4f5b869811a_unpacked

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

MITRE ATT&CK Matrix

Tasks