fa79f39d2512326f3645ec051f32c4b0f175142bc5f43e0b869bdcfe32d18ca4

General

Target: fa79f39d2512326f3645ec051f32c4b0f175142bc5f43e0b869bdcfe32d18ca4
Size: 228KB
Sample: 220512-pnm6mahbbj
Score: 10/10
MD5: 0e582f1d214712c263429692549010ef
SHA1: 50c8cbdaa3b781d00e6e8df336af7620fcb90136
SHA256: fa79f39d2512326f3645ec051f32c4b0f175142bc5f43e0b869bdcfe32d18ca4
SHA512: 7eac85ab9f8e9ff4d7602569d363293639b997e609694ade84e8211aa9dddeec67984281f0775da6970d41e0ed9e13d6d845afaf14a3dbd1287b819d56c010ff

Malware Config

Extracted

Family: icedid
Botnet: 3940132575
C2:
  • besitxavier.best
  • nazifestivo.best
Attributes:
  • auth_var: 2
  • url_path: /audio/

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1