General

  • Target

    B0800

  • Size

    894KB

  • Sample

    220720-rcjeeagbgl

  • MD5

    4d3b62ca909977cb2c6d60cfc392d5cd

  • SHA1

    59a1b8e3dc3b00bd2acbe147a5fc4100abe75b6d

  • SHA256

    6efb7c867c0d3064ac426d80d91ce9bc00613f9204f6fea5bd820f7b92524398

  • SHA512

    fee8e65f4e8b55f3f536fbc29e2158b03d6354dd79044b640b2e98e619930b7e6fbf2feb1c6fe5539110f8d1b270b38907971ecf673939017f0f276f4035b6bf

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    4182822218

  • C2

    explorblins.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks