General

  • Target

    at5nom.dll

  • Size

    62KB

  • Sample

    220719-wvhcaafhd7

  • MD5

    2cf4de70ef75abd46922b323d95a0cbc

  • SHA1

    e2149af3ee5528af3e0cfc53b663b5cd55fe58bb

  • SHA256

    c162f1701e696f4e57489a9a79a43a95f0520678d9592712e69ddbc092c2009e

  • SHA512

    5ea61738c8426ca3f45fb096003fdd79b7faaeaab1e070e5bdbd5bc56efcbf07f778ddb93938ca9c0e42012511c63204a2c41d0783a0b8b4e2d0125c8c0af2b0

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    1211797313

  • C2

    alldogsedag.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks