General

  • Target

    make.dat

  • Size

    181KB

  • Sample

    220721-p9x8qaffb5

  • MD5

    1094bdc0d94e649e0633cc92f9da8678

  • SHA1

    7ec62b8731e1272c0940c82a9e7781727406f3be

  • SHA256

    78cce189647150d2e9f7e041c9112fe183d33967f3e45e55e8bba86c1c59abb7

  • SHA512

    605bdac1b1d2ac4ff05e0a0244b6e285db48318c3fc6a026823bf1168b48b8d3e853229404e9787857ffaf83942d93055df85cbe7e1b1349757382b1e94aaacb

Malware Config

Extracted

Family

icedid

Campaign

901680721

C2

explorblins.com

Targets

    • Target

      make.dat

    • Size

      181KB

    • MD5

      1094bdc0d94e649e0633cc92f9da8678

    • SHA1

      7ec62b8731e1272c0940c82a9e7781727406f3be

    • SHA256

      78cce189647150d2e9f7e041c9112fe183d33967f3e45e55e8bba86c1c59abb7

    • SHA512

      605bdac1b1d2ac4ff05e0a0244b6e285db48318c3fc6a026823bf1168b48b8d3e853229404e9787857ffaf83942d93055df85cbe7e1b1349757382b1e94aaacb

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks