d134e0bae735613ab6755c32dd4e11e6ce8122f863fac3e7d3e42c25bf72d5a7

General

Target: d134e0bae735613ab6755c32dd4e11e6ce8122f863fac3e7d3e42c25bf72d5a7
Size: 229KB
Sample: 220521-ee2bsaccgm
Score: 10/10
MD5: c1c5c655366f40e5ac0fe6a186b59f95
SHA1: 333ca09acd1e155ee2bb9cc52fa75aa8ec96e2a7
SHA256: d134e0bae735613ab6755c32dd4e11e6ce8122f863fac3e7d3e42c25bf72d5a7
SHA512: d1b60a7b5f0476b47d5e3014835d39b65e9459b24b7766787ddddac9c2628610ffdaabd7f4718ebef902a0172959ee5c89381569ca5a89c7606a442b4c63c27c

Malware Config

Extracted

Family: icedid
C2: bividilli.xyz

Targets

Target: ord_758.doc
MD5: 5b195d34bd601700f499d97a6aed4069
Filesize: 278KB
Score: 10/10
SHA1: 77995f57d2b831ec1f60d7cef1725ae9e62f4347
SHA256: 837f40c12fc476d81d0741da2ab0bc0ee5c9857fe9623f2dfa33fb9f9d20f6ce
SHA512: 7ee711e335cefe9b9c0af40dda6a276420448c7b0ad6ae4e764e827de50af8d7c5fa64d7444d4be645dedcc05860beef6378b97edc4936fa17f5affd2b1d4091

Tags

Signatures

  • IcedID, BokBot

    Description: IcedID is a banking trojan capable of stealing credentials.

    Tags

  • IcedID First Stage Loader

    Tags

  • Executes dropped EXE

Related Tasks

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1: 10/10

behavioral2: 10/10