General

  • Target

    1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

  • Size

    304KB

  • Sample

    220512-abrkysgefj

  • MD5

    9dd07a974beabc119755f1e4dfc7202a

  • SHA1

    64b543b906bc355f5e08d6a878097ed0a7a09fb5

  • SHA256

    1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

  • SHA512

    c97508a92f7b60586d61af9b48847998d2bdc92be5e1864a75b07afce5c8dddb7aca2aabf04798e6508009c41352bed21dbe5b98e37ade84eb76eb13a5322221

Malware Config

Extracted

Family

icedid

Botnet

3266946033

C2

headcaliber.top

destroycruiser.cyou

Attributes
  • auth_var

    1

  • url_path

    /audio/

Extracted

Family

icedid

Targets

    • Target

      1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

    • Size

      304KB

    • MD5

      9dd07a974beabc119755f1e4dfc7202a

    • SHA1

      64b543b906bc355f5e08d6a878097ed0a7a09fb5

    • SHA256

      1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

    • SHA512

      c97508a92f7b60586d61af9b48847998d2bdc92be5e1864a75b07afce5c8dddb7aca2aabf04798e6508009c41352bed21dbe5b98e37ade84eb76eb13a5322221

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tasks