General

  • Target

    inv_zippediso.zip

  • Size

    208KB

  • Sample

    220720-z7a1hsbafk

  • MD5

    76221bdb3fcbb9d96a756d6691dfd2de

  • SHA1

    dcf164c17349e70fea3b62790483e695bab1e9ef

  • SHA256

    89ada36edefe7e1f4be30b96a5bd2553b5deb24c256632a099f16196e6245957

  • SHA512

    9b54164c9e8d114dd080cd17bf0545c03ea0ae4c0b5679d0469b9ef705a0b7527f49f3d64a46ebacf7dd2b24781e29f0f3f944da78fd7124dbc39243150a9236

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    901680721

  • C2

    explorblins.com

Targets

    • Target

      order.lnk

    • Size

      1KB

    • MD5

      65f6162dcceb758b973278fe7a4ec800

    • SHA1

      1be2502ed38a1e3fdc91e859d91a7f56888eead4

    • SHA256

      bec5dae7f8dad5b86c755b5ce851551cc2afc52a50f4317f1e745250ca80d635

    • SHA512

      dc903be52d39d40cd13471ddc08c6f1f4edcb2635089caf9c846794ab4b74526b4924824b85dc78f36aa88d9097b345c059a5546378dd3161bc3c7d4253b5486

    • Score

      3/10

    • Target

      year/day.jpg

    • Size

      95KB

    • MD5

      4af9af4c74fe63e354d0be755089cfd8

    • SHA1

      b6563d187ac1715d50eae2181ddc7026af5dc12a

    • SHA256

      a28a8f52c41a1f4879e50e44f8fffa12def7624f5794d8b11eb3cf1bd06a6205

    • SHA512

      71bc7c2af6050d5b6a62ea12883978f5fe6b8f6794619c5636646ead37dc122b35144babe21eb9d11001b0c041448fc65ccd116eb32f4caa4012cb9336760f36

    • Score

      3/10

    • Target

      year/make.dat

    • Size

      181KB

    • MD5

      1094bdc0d94e649e0633cc92f9da8678

    • SHA1

      7ec62b8731e1272c0940c82a9e7781727406f3be

    • SHA256

      78cce189647150d2e9f7e041c9112fe183d33967f3e45e55e8bba86c1c59abb7

    • SHA512

      605bdac1b1d2ac4ff05e0a0244b6e285db48318c3fc6a026823bf1168b48b8d3e853229404e9787857ffaf83942d93055df85cbe7e1b1349757382b1e94aaacb

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

    • Target

      year/new.gif

    • Size

      55KB

    • MD5

      3d40d2ea33910cac01857c3d541328cd

    • SHA1

      0749f5dbcf8d1fcecf40a1391e2f592f8aff9c48

    • SHA256

      75993e8ba0fb1780589974b49ad638c15ba38a7da6491367e77d868dfab462aa

    • SHA512

      fddcb274f362ce1fe98c478985530925887a71b468e03e1eb1c5a1f5a76cc5fbe09cada944b154079b4e5a8b69d2376d64bf908274d88bf3376c4c6265c39548

    • Score

      1/10

    • Target

      year/worker.cmd

    • Size

      37B

    • MD5

      63443438bf83dd836dd7bbceeb8c12e7

    • SHA1

      ecb596c586df703899daa9e0171c78e390b2838d

    • SHA256

      55bda51c360dce97cf9549e46bef50b3b11dfb1396d4caa86bfb16932a5f7ee5

    • SHA512

      eb72df11bea6d7f5d1fefaff9036b93c638a254690fa588356b8c2caa66e38ec48cbbd3100666bcfb31b7782a3981fbdc075d196ad65d8beef20bd8cba7aa0a5

    • Score

      1/10

    • Target

      year/worker.js

    • Size

      556B

    • MD5

      89a18f3382fe9b8500b44367aec69582

    • SHA1

      310522553186fff7160808a36f2e57f8ddd74ae5

    • SHA256

      a4a91e6b79a87addc77b7fe4fb41bf5f807147adf9370d67be98283d66ad6e3b

    • SHA512

      e6250e584034f863225e6fdd6566c55d8e99b9112490beecc0c1177524e0ab04436408487fe770dcaa115724ea89d63ce7a5795bfe6f9ec5e31fc62598d6a66a

    • Score

      1/10

MITRE ATT&CK Enterprise v6

Tasks