General

  • Target

    0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7.exe

  • Size

    702KB

  • Sample

    220523-zbn79saegq

  • MD5

    9b692f43d575acb739decfc809db7f2e

  • SHA1

    bc42c60590cb908e765e2d97e8b3a92b4616cd30

  • SHA256

    0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7

  • SHA512

    f99f546940bd96c6e9cac6a8500f25280ed190b9830247a5c7249d30a40fd1b4e3c94ca0455e337e77682a7a2b14a259b0aa4cf9680e9ccf727f71ae69873473

Malware Config

Extracted

Family

icedid

Campaign

109932505

C2

ilekvoyn.com

Targets

    • Target

      0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7.exe

    • Size

      702KB

    • MD5

      9b692f43d575acb739decfc809db7f2e

    • SHA1

      bc42c60590cb908e765e2d97e8b3a92b4616cd30

    • SHA256

      0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7

    • SHA512

      f99f546940bd96c6e9cac6a8500f25280ed190b9830247a5c7249d30a40fd1b4e3c94ca0455e337e77682a7a2b14a259b0aa4cf9680e9ccf727f71ae69873473

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

MITRE ATT&CK Matrix

Tasks