f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4

General

Target: f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4
Size: 224KB
Sample: 220516-rdkc4agahj
Score: 10/10
MD5: 8f33b7393dc6114e419467c80f64dce7
SHA1: 173e8df464fb2a027ef5a3ee462dff0798036698
SHA256: f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4
SHA512: 526efb46d9eb6b547f20096145b4ae991a6519faef6ceb397ba7f26f6c7f1106d2770d1b12bcd0c2b73c358c812bd825577f7e5f78d5a1b7ea6b4583a17ec27b

Malware Config

Extracted
Family: icedid
C2: loadberlin.casa

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Blocklisted process makes network request

MITRE ATT&CK Matrix (tactic columns only; no techniques mapped): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1
  • behavioral1: 10/10
  • behavioral2: 10/10