General

  • Target

    787c778ecede05ddc4f214a1350ab51d.dll

  • Size

    96KB

  • Sample

    220724-jdbf7abfgl

  • MD5

    787c778ecede05ddc4f214a1350ab51d

  • SHA1

    ac345a86e8c08d2e80639c3bbf1d56ad8f81cf31

  • SHA256

    7d893c49b4c9e9e29bb7db23b12fdd11363d404479368cb256d3a43b5bda8cc5

  • SHA512

    2ab37dbf6de7bbd98a6fcd4840ac9379f5f3a64304b6d91843b69c702320ff76ce86f9ea8de5bf88823c898e2d942606b8c2d8267c7ea7b28547e311236f3be9

Malware Config

Extracted

Family

icedid

Campaign

2937671378

C2

cootembrast.com

Targets

    • Target

      787c778ecede05ddc4f214a1350ab51d.dll

    • Size

      96KB

    • MD5

      787c778ecede05ddc4f214a1350ab51d

    • SHA1

      ac345a86e8c08d2e80639c3bbf1d56ad8f81cf31

    • SHA256

      7d893c49b4c9e9e29bb7db23b12fdd11363d404479368cb256d3a43b5bda8cc5

    • SHA512

      2ab37dbf6de7bbd98a6fcd4840ac9379f5f3a64304b6d91843b69c702320ff76ce86f9ea8de5bf88823c898e2d942606b8c2d8267c7ea7b28547e311236f3be9

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks