General

  • Target

    f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4

  • Size

    224KB

  • Sample

    220516-rdkc4agahj

  • MD5

    8f33b7393dc6114e419467c80f64dce7

  • SHA1

    173e8df464fb2a027ef5a3ee462dff0798036698

  • SHA256

    f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4

  • SHA512

    526efb46d9eb6b547f20096145b4ae991a6519faef6ceb397ba7f26f6c7f1106d2770d1b12bcd0c2b73c358c812bd825577f7e5f78d5a1b7ea6b4583a17ec27b

Malware Config

Extracted

Family

icedid

C2

loadberlin.casa

Targets

    • Target

      f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4

    • Size

      224KB

    • MD5

      8f33b7393dc6114e419467c80f64dce7

    • SHA1

      173e8df464fb2a027ef5a3ee462dff0798036698

    • SHA256

      f751ee786098e98fbcb85cf866bc42222ef4eb46a835224c1535e0e5bf37ffe4

    • SHA512

      526efb46d9eb6b547f20096145b4ae991a6519faef6ceb397ba7f26f6c7f1106d2770d1b12bcd0c2b73c358c812bd825577f7e5f78d5a1b7ea6b4583a17ec27b

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID First Stage Loader

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks