General

  • Target

    7501296135.zip

  • Size

    460KB

  • Sample

    220525-2xel3aegd5

  • MD5

    2d071cb075b4bc31e1c979eecde6faeb

  • SHA1

    9dac67ce03be6caa53f7149189a4f5eda2a0cdc4

  • SHA256

    afc02b6439b4ff5b81ea7e72825f28bab38c2bd1a0505c44468a2e99868792c3

  • SHA512

    97455d7317dec99108b4eba34e994a88eb84e9939f2bf2731f56a832a22b1248e9deba47dbb2c806ac867c2f4a416e7371b05449d86d19cf0be35ba1f0f23ee0

Malware Config

Extracted

Family

icedid

Botnet

1129175425

C2

intonthsnstr.rest

estoptionicou.top

ypothesisabo.top

flipperzillo.quest

Attributes

  • auth_var

    9

  • url_path

    /news/

Targets

  • Target

    00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f

  • Size

    948KB

  • MD5

    5bb2764db122ce725b6556e3aaad9504

  • SHA1

    1254601f5eb7f42da1a129d08dd46c5e3b94d6b8

  • SHA256

    00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f

  • SHA512

    715d567aff20b610c14d6ac5d9c319587371654da40f30f8c1982c1803f7b97efea19e407e6ed1d169e4e72f8ad41021ea068f1ceec630fed8a0e24d6388d6ae

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks