General

  • Target: b6301f6457523003d3613e3213e1456d.dll
  • Size: 110KB
  • Sample: 220723-qsc2wsegd5
  • MD5: b6301f6457523003d3613e3213e1456d
  • SHA1: 5d3af7eda8c2d35ead5b0f945cece90c563a038c
  • SHA256: 72e4f5277616f7e84bcf0eedfc7a931e90b517f480455838682a376dbcd05789
  • SHA512: 3f9e6fce8272f77725a4a3b76de533b4f6f4fbb323fa3ff278184d219ee302e8821891ebdcfef0bba52d843e553a288b06f5d8e855ac9df1c2335eec188cc6f6

Malware Config

Extracted

  • Family: icedid
  • Campaign: 244156380
  • C2: garbagewellduno.com

Targets

    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
    • Blocklisted process makes network request
