General

  • Target

    768327532892733679.dll

  • Size

    424KB

  • Sample

    220630-1aqv5sbchq

  • MD5

    92b73d78e901480734e937cc5a6c0c9d

  • SHA1

    bc4c1a27ae6655bab4749a5fb4d5e6908ae1b563

  • SHA256

    219d1bd045d7c3328184aba4842cc0d36acae7e835564d84ee2d8ffea94e4317

  • SHA512

    85b9999a86f302b6ecf4519c1873eb20095a3700dd1d50f202cb3eae790cbeb21a36c770ae32768c9fa256168164b6b2e704a316cbcd199e31262aa2093c2bc6

Malware Config

Extracted

Family

icedid

Campaign

1825398430

C2

ciaontroni.com

Targets

    • Target

      768327532892733679.dll

    • Size

      424KB

    • MD5

      92b73d78e901480734e937cc5a6c0c9d

    • SHA1

      bc4c1a27ae6655bab4749a5fb4d5e6908ae1b563

    • SHA256

      219d1bd045d7c3328184aba4842cc0d36acae7e835564d84ee2d8ffea94e4317

    • SHA512

      85b9999a86f302b6ecf4519c1873eb20095a3700dd1d50f202cb3eae790cbeb21a36c770ae32768c9fa256168164b6b2e704a316cbcd199e31262aa2093c2bc6

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

MITRE ATT&CK Matrix

Tasks