General

  • Target: day.dat.dll
  • Size: 102KB
  • Sample: 220719-w6aftagham
  • MD5: af0af2b3e0e162fbfcc1a7d01e88faab
  • SHA1: d22e1fe156dc18cac03c71d1244e879004c07169
  • SHA256: ea8b835b97c3ee06e7e2b99bcc60a565735ec5981b41713981b7018aa8c54013
  • SHA512: 658f8b38f2b354091135d3748d8afbc6bf5f9978af85240d99da6a08cf0e64984ce97e79da8adf13642e9f3263d594f81011ee4ea93d8654de08f460704079e2

Malware Config

Extracted

  • Family: icedid
  • Campaign: 2745070743
  • C2: cootembrast.com

Targets

    • Target: day.dat.dll

    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request
