General

  • Target

    b4ramo.dll

  • Size

    179KB

  • Sample

    220720-2ys6vabad8

  • MD5

    5850e1a4baa06d9f93878b70c3e7fa4e

  • SHA1

    fcdb5acb16d0f7bb4a95263e4c96541d0266a570

  • SHA256

    12e698a46801326d28d5a64e5c66085079285d352f64bdc3c53362684bbca9c3

  • SHA512

    c4ac7823b34e84bde5b04263430083344ceea25fc30d4b9959738882c6e07e3df4e366ba74c790ece8dc57e6929aca345da48554f70907916d4f71320633e2e0

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    4182822218

  • C2

    explorblins.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks