1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

General
Target

1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

Size

304KB

Sample

220512-abrkysgefj

Score

10/10

MD5

9dd07a974beabc119755f1e4dfc7202a

SHA1

64b543b906bc355f5e08d6a878097ed0a7a09fb5

SHA256

1c59249cdf921be0b26fd5fd64874f38d63bcbc9cdc5b17967db455e25272d6e

SHA512

c97508a92f7b60586d61af9b48847998d2bdc92be5e1864a75b07afce5c8dddb7aca2aabf04798e6508009c41352bed21dbe5b98e37ade84eb76eb13a5322221

Malware Config

Extracted

Family icedid
Botnet 3266946033
C2

headcaliber.top

destroycruiser.cyou

Attributes

auth_var: 1

url_path: /audio/

Extracted

Family icedid
Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

  • IcedID Second Stage Loader
