General

  • Target

    00dd6aeb15e617e9c1fab4eecaa847c6.dll

  • Size

    423KB

  • Sample

    220704-xmnd1aagej

  • MD5

    00dd6aeb15e617e9c1fab4eecaa847c6

  • SHA1

    80f60e0cfbf2926555a87623a448e4d7763d1acd

  • SHA256

    cb5a1e1bcfeb4beb9f4c6bbd47371c6e0463e51f687c29b22616f83abbe8042d

  • SHA512

    8572404141e2d3e3d40b0de6e80e949cfaba6d931ddeb40673dd7224d64914167ceebc5af8981d2d2c9cae881fb32f2e1f28aeb664a2e8af4f777de59805d03d

Malware Config

Extracted

Family

icedid

Campaign

3635541348

C2

piponareatna.com

Targets

    • Target

      00dd6aeb15e617e9c1fab4eecaa847c6.dll

    • Size

      423KB

    • MD5

      00dd6aeb15e617e9c1fab4eecaa847c6

    • SHA1

      80f60e0cfbf2926555a87623a448e4d7763d1acd

    • SHA256

      cb5a1e1bcfeb4beb9f4c6bbd47371c6e0463e51f687c29b22616f83abbe8042d

    • SHA512

      8572404141e2d3e3d40b0de6e80e949cfaba6d931ddeb40673dd7224d64914167ceebc5af8981d2d2c9cae881fb32f2e1f28aeb664a2e8af4f777de59805d03d

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks