mi90o.zip

General

Target: mi90o.zip
Size: 212KB
Sample: 220518-jx8wssacaj
Score: 10/10
MD5: 229476bd0abdc3dbcad71f86eb4fc664
SHA1: c6c59e8d33fc2105234d88dcba378473de3d40ba
SHA256: 430c736b3112dae51f0e93ac1120549a6cb453b52f6036e1d086a93afefc858b
SHA512: ecdb89eb63a4c673a922ed5f1d30ef9ad1bc689fe7d406ea6014571804dacd383f7e14d94356af23c446d74fbb1bf245ab36ca2256c9dbcfd0bc5ff0940d6c4f

Malware Config

Extracted

Family: icedid
Campaign: 3068011852
C2: yolneanz.com

Targets

Target: documents.lnk
MD5: fb7d17b5ec787f604a1c1a444ac13c03
Filesize: 1KB
Score: 10/10
SHA1: a72296fd3b7d5225a368ae3be57db9209315e1d7
SHA256: 4ed0e46236e39c6efe3f1f96d6a1e3a5cc60b7bcfabe560823b141dcef4c66de
SHA512: 1ffc5007e14aaacb9cafd31614a7f8fc9654f3c655cb5c167dd10c0a79e4703db902763ddaaabd8277e2c4849bbcabf30587123708e24343815874e61109ae1a

Signatures

  • IcedID, BokBot

    Description: IcedID is a banking trojan capable of stealing credentials.

  • suricata: ET MALWARE Win32/IcedID Request Cookie

  • Blocklisted process makes network request

  • Checks computer location settings

    Description: Looks up country code configured in the registry, likely geofence.

    TTPs: Query Registry, System Information Discovery

Related Tasks

Target: mi90o.dll
MD5: 0ad0a1a3bfc696759bac79077654aa8a
Filesize: 486KB
Score: 3/10
SHA1: 38bea715a0c8642e0d67213be6206bbe4b9afc44
SHA256: a8058555e8b476a0975d103228ec26b53cd71dac34d21f58acfc395a38acdb1d
SHA512: dd1588cbe8ac2915f0953976e8f5c837c1bb5fb7cf484fdeb46ba99ea070a0093a440cb876a88b909bd170502218d6fa52bf1c693611e9b973e53c870a3bc6d6

Related Tasks

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1
behavioral3: 3/10
behavioral4: 3/10