0dc2f51c2f087769a91ee4349a7dc94846427577a24ba6fffeaa9fd9a25a54bb

General
Target

0dc2f51c2f087769a91ee4349a7dc94846427577a24ba6fffeaa9fd9a25a54bb

Size

224KB

Sample

220521-aeafvaaba8

Score
10/10
MD5

9e754bbe3e8d27ade46b544ca82d68b2

SHA1

7a82992b50aefe5599c159bb069687250d7b00ab

SHA256

0dc2f51c2f087769a91ee4349a7dc94846427577a24ba6fffeaa9fd9a25a54bb

SHA512

6af4c48eb1c975b08c3a5fd7553e45aa064a39116442772fc3479a942a41b88125e434784a16c78917661c377d000251c820330d8de35cf4d8b3c27cac60e41e

Malware Config

Extracted

Family icedid
C2

loadberlin.casa

Targets
Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Blocklisted process makes network request

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10