General

  • Target

    fucku.exe

  • Size

    32KB

  • Sample

    220722-vehsfagffn

  • MD5

    0bf8ec378d4f3f2ef4a98fbb47de1ef1

  • SHA1

    5aec34e5c1620fb15ce25c856b8f578e3e1459b2

  • SHA256

    5fe7fd8c6b0e160b8968e82d3d90569813654aeac2313bc7fdd3284c80cadb7f

  • SHA512

    ede1d64b57ffbc5beccb01b27d4f4446712420e10a4689955e2d573fa892d335c8b680ee38d0d339932766beea65be77b86bdccd396d6e942f3403026d72116a

Malware Config

Extracted

Family

icedid

Campaign

2492795688

C2

greenfairsaid.com
Targets
    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie