General

  • Target

    07b7891d0ee60bd7126c78e704216c1b.dll

  • Size

    675KB

  • Sample

    220710-p6b63sbedk

  • MD5

    07b7891d0ee60bd7126c78e704216c1b

  • SHA1

    bd0f25d460f4e55978893bf7b59eda415763786b

  • SHA256

    fae3b9ae10230180a713af06bc32df8d3fee11b6c99a2efc89e12767a979e8e9

  • SHA512

    cb9d3a9294d20fa4fbe76d63089c6b323d5f48403dad1606e42eb76d947e90350d83146b07819590b69d2c2d43ada7e654c074b1e301d2c3552ddd3e793069c2

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    1060798742

  • C2

    carismorth.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request
