General

  • Target

    30a381e43143e617632041a0f779e420.dll

  • Size

    110KB

  • Sample

    220723-wlv7sagbe6

  • MD5

    30a381e43143e617632041a0f779e420

  • SHA1

    551f6c298d4be3e77ec6a4d55f6fcc97870a0ca9

  • SHA256

    7dab73fa6aecefcfe2a708e5a9a13258351206acc6a353c3226624e53e9b51d2

  • SHA512

    bc5b7491ca41bdd960317efd6a03f5af223c5f6c8a297a4beb2769d87a0f9ed2b8e1f9ccb78b011333d897cf74cf52d0a2fc679933c815e49fd242f50e180d8a

Malware Config

Extracted

Family

icedid

Campaign

244156380

C2

garbagewellduno.com
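The extracted configuration above gives a hunter two things to pivot on: the file digests of the sample and the C2 domain. The following Python is an added example, not part of the sandbox report, that turns those indicators into checks a practitioner can run offline. The hash values and the domain are copied from the report; the log lines are constructed for the example, and the helper names (hashes_of, hash_file, matching_algorithms, c2_hostnames, find_c2_hits) are this example's own. The domain check treats any subdomain of the C2 host as a hit, which goes beyond the single name the report lists.

```python
"""Hunt helpers built from the IOCs in this IcedID report.

Added example, not part of the sandbox report. REPORT_HASHES and C2_DOMAINS
are copied from the report; SAMPLE_LOG is constructed.
"""
import hashlib
import re
from typing import Dict, Iterable, List

# File digests of the analysed DLL, copied from the report.
REPORT_HASHES = {
    "md5": "30a381e43143e617632041a0f779e420",
    "sha1": "551f6c298d4be3e77ec6a4d55f6fcc97870a0ca9",
    "sha256": "7dab73fa6aecefcfe2a708e5a9a13258351206acc6a353c3226624e53e9b51d2",
    "sha512": "bc5b7491ca41bdd960317efd6a03f5af223c5f6c8a297a4beb2769d87a0f9ed2"
              "b8e1f9ccb78b011333d897cf74cf52d0a2fc679933c815e49fd242f50e180d8a",
}

# C2 domain from the extracted config. Subdomains are matched as well.
C2_DOMAINS = {"garbagewellduno.com"}


def hashes_of(data: bytes) -> Dict[str, str]:
    """Return md5/sha1/sha256/sha512 hex digests of an in-memory byte string."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def hash_file(path: str) -> Dict[str, str]:
    """Hash a file on disk in 1 MiB chunks so large samples need not fit in memory."""
    hashers = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def matching_algorithms(hashes: Dict[str, str]) -> List[str]:
    """Names of the algorithms whose digest equals the report's (case-insensitive).

    An empty list means the file is not this sample; a partial match would
    indicate a typo in one of the indicators rather than a different file.
    """
    return sorted(
        alg for alg, hexdigest in hashes.items()
        if REPORT_HASHES.get(alg) == hexdigest.lower()
    )


# Hostnames: one or more dot-terminated labels followed by an alphabetic TLD.
# Dotted IPv4 addresses do not match because the last label must be letters.
_HOST_RE = re.compile(r"\b((?:[a-z0-9-]+\.)+[a-z]{2,})\b", re.IGNORECASE)


def c2_hostnames(line: str) -> List[str]:
    """Hostnames in a log line that are the C2 domain or a subdomain of it.

    A host such as notgarbagewellduno.com is not a hit: the match requires
    either equality or a '.' + domain suffix, never a bare substring test.
    """
    hits = []
    for host in _HOST_RE.findall(line):
        name = host.lower().rstrip(".")
        if any(name == d or name.endswith("." + d) for d in C2_DOMAINS):
            hits.append(name)
    return hits


def find_c2_hits(lines: Iterable[str]) -> List[str]:
    """Return the log lines that reference the C2 domain."""
    return [line for line in lines if c2_hostnames(line)]


# Constructed DNS/proxy log lines for the example; not from any real network.
SAMPLE_LOG = [
    "2022-07-23T09:14:02Z dns query client=10.0.0.5 qname=garbagewellduno.com qtype=A",
    "2022-07-23T09:14:03Z proxy CONNECT cdn.garbagewellduno.com:443 client=10.0.0.5",
    "2022-07-23T09:14:05Z dns query client=10.0.0.7 qname=www.example.com qtype=A",
    "2022-07-23T09:14:06Z dns query client=10.0.0.9 qname=notgarbagewellduno.com qtype=A",
]


if __name__ == "__main__":
    import sys
    for path in sys.argv[1:]:
        matched = matching_algorithms(hash_file(path))
        print(f"{path}: {'MATCH ' + ','.join(matched) if matched else 'no match'}")
    for hit in find_c2_hits(SAMPLE_LOG):
        print("C2 hit:", hit)
```

Run it with one or more file paths to see whether any of them is the reported DLL; on the constructed log the first two lines are reported as C2 hits and the look-alike domain on the last line is ignored.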

Targets

    • IcedID, BokBot

      IcedID, also tracked as BokBot, is a banking trojan that steals credentials.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks