General

  • Target

    176cd8af6a4926e7a812fad1fbdf7a8b.dll

  • Size

    107KB

  • Sample

    220723-j8z32addcr

  • MD5

    176cd8af6a4926e7a812fad1fbdf7a8b

  • SHA1

    58db8d95258b84faec278b6cd332522615cb9def

  • SHA256

    fd9d324613bb72d6d0acea22f213d109b95c7599de486e998c8a574bc9bb2b72

  • SHA512

    8cf4d4bc17218964d108520608d7f38eeb054b3ae56133b80609e86dc8f5fc5b95e713f7822f794dd7db053d205ccfb624bd94b4167bf7f384ac40f01055dc05

Malware Config

Extracted

Family

icedid

Campaign

1195019694

C2

garbagewellduno.com

Targets

    • Target

      176cd8af6a4926e7a812fad1fbdf7a8b.dll

    • Size

      107KB

    • MD5

      176cd8af6a4926e7a812fad1fbdf7a8b

    • SHA1

      58db8d95258b84faec278b6cd332522615cb9def

    • SHA256

      fd9d324613bb72d6d0acea22f213d109b95c7599de486e998c8a574bc9bb2b72

    • SHA512

      8cf4d4bc17218964d108520608d7f38eeb054b3ae56133b80609e86dc8f5fc5b95e713f7822f794dd7db053d205ccfb624bd94b4167bf7f384ac40f01055dc05

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks