General

  • Target: 67299ce0f6644ec5c4bc807f6cd5683b1755ca61f14ae4df0d34465801541e99
  • Size: 102KB
  • Sample: 220720-km727adfh3
  • MD5: d6530ccbe6ba26ed6370aaa072e4dad0
  • SHA1: 16955a712ed799dc8df9e7f4b21272f3760cba39
  • SHA256: 67299ce0f6644ec5c4bc807f6cd5683b1755ca61f14ae4df0d34465801541e99
  • SHA512: f8a67d337b4c108eddb1fd5f6a7d399b08dd3ccd0f36335ad4bc6a1b5e2293b3fe0ab3af3d50c8830b6f7ff1eb885bcbeb38b36aa200f3cc4dd8097357727a01

Malware Config

Extracted

  • Family: icedid
  • Campaign: 2745070743
  • C2: cootembrast.com

Targets

  • Target: 67299ce0f6644ec5c4bc807f6cd5683b1755ca61f14ae4df0d34465801541e99 (102KB; MD5, SHA1, SHA256 and SHA512 as listed under General)
  • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
  • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks