General

  • Target

    5c7b0984f1b26c68c728cc2c6b442450.dll

  • Size

    673KB

  • Sample

    220710-k8fvtsagfq

  • MD5

    5c7b0984f1b26c68c728cc2c6b442450

  • SHA1

    8b205e521b5825fd7298c905425417e62a364a6d

  • SHA256

    840b05f212d85f7642c3c0ec92cfe5f2071b27d9bfb44d9755d4e55fc1288894

  • SHA512

    52bac3a21537d4f6e0b0423e9b67c02174dd52efa59bea0aa122bf6277a403a42a13011b8b5b79af31d518f6db079ac71f004e492f1abd36f8429f3eed49f31e

Malware Config

Extracted

Family

icedid

Campaign

1060798742

C2

carismorth.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request