f865f53cb0f7c3f4824f9ec3b36228c15c94477344eae931ce8f594899bb632b

General

Target: f865f53cb0f7c3f4824f9ec3b36228c15c94477344eae931ce8f594899bb632b
Size: 257KB
Sample: 220521-msl31sfeck
Score: 10/10
MD5: 7793ceb5048b3cbda3b017e67c4b733b
SHA1: 79f4e992b024ddf07d837262f0c5c78f447844c1
SHA256: f865f53cb0f7c3f4824f9ec3b36228c15c94477344eae931ce8f594899bb632b
SHA512: 1cf4cee36c33f19ea01b29b05d22067c4751e937acbb5646f427249f9f8ad6011620e676d98b75e9e0c4ceed270026db4c6791ab65e55c4f51f8b94b37658b51

Malware Config

Extracted

Family: icedid
C2: 3chickens.pw

Targets

Target: ord_482.doc
MD5: bf61de5c8c5da0b79f0fccca3c4f5e04
Filesize: 266KB
Score: 10/10
SHA1: ce568d2e8d9c1c86a8caf54bbaa85b80984b5cbe
SHA256: eee5599e3d990a109e7346469d8739d184628192831144da80e69244ebdb19d0
SHA512: a55fc8f2bc6cb96c730331a9bd4d5a46a86008f7ed0b09b5c587246a8a370dba01e0227926aa01ab590b3df1fb7662d48c5b2966a651d05a7fe32bc5208379e8

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

  • IcedID First Stage Loader

  • Executes dropped EXE

MITRE ATT&CK Matrix

Tactic columns shown: Collection, Command and Control, Credential Access, Defense Evasion, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

  • static1

  • behavioral1 (score 10/10)

  • behavioral2 (score 10/10)