General

  • Target

    fdc690e6ecb41191c70deea3bc0e7bf6fbce71b46c8f5bd5c9247fb40304f8b7

  • Size

    536KB

  • Sample

    220707-vvbztscdej

  • MD5

    f2b19aaebcc1a717a8e801f2ece4439c

  • SHA1

    e80d68c160790e52064bc8d4e051de2c7b5a587e

  • SHA256

    fdc690e6ecb41191c70deea3bc0e7bf6fbce71b46c8f5bd5c9247fb40304f8b7

  • SHA512

    2cc25aec151e544bfbcde5cc6114c3eedab39f5b5a0461d1e7de148b3e54e16ad9932e8208e6f1ad83f6125f099506830d23e0e5d4d706d9e003107b53f1ad2e

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    227378761

  • C2

    blionarywesta.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks