General

  • Target

    e772e413bd34978b36c9262cd2fa77fe.dll

  • Size

    61KB

  • Sample

    220718-dlq9qaaben

  • MD5

    e772e413bd34978b36c9262cd2fa77fe

  • SHA1

    f6a348e3fcd859f95d70c0be4546f69f7468acd1

  • SHA256

    9324277e605dc0ff74d719be6210d99bc3c6b031d9395e24f185181d32889572

  • SHA512

    8c5a7c5b44254ed20074a13fc3c8f640c59617044efe6da0836dfa7e465aab547485b46f946a7c37754cf26bfda4c8fa6c7bcbdb22fa2467184301662857f774

Malware Config

Extracted

Family

icedid

Campaign

1259637749

C2

lifelightnilsa.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks