General

  • Target

    so2ra4.dll

  • Size

    318KB

  • Sample

    220725-tfftsshdcj

  • MD5

    9b7a8483c04543e87b09658717219d44

  • SHA1

    48741415154f1148d6910165658ed056e9ad7249

  • SHA256

    15c0f11ed817ad32034de1da17fda8d6328d895fda20548eda176ee0982c6aa8

  • SHA512

    cbc703457713d5e85024023b7f82927469f810c23a2b6b8994aceee03d4df6e3b6c09efa79d31067996bd82a9f7a3aae59c9787334057237f0deccb0b3f82192

Malware Config

Extracted

Family

icedid

Campaign

4149266980

C2

floatascentry.com

Targets

    • Target

      so2ra4.dll (318KB; MD5, SHA1, SHA256 and SHA512 as listed under General above)

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a banking trojan that steals credentials. The configuration extracted from this sample carries campaign ID 4149266980 and the C2 domain floatascentry.com.

    • Blocklisted process makes network request
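The indicators in this report (the four file hashes, the C2 domain and the campaign ID) are most useful when checked against files on disk and against DNS or proxy logs. The script below is an added example, not part of the sandbox report or of any vendor tooling: it hashes a file with all four algorithms the report lists, compares the digests case-insensitively with the report's values, and scans log lines for the C2 domain or any subdomain of it while rejecting look-alike names such as notfloatascentry.com. The IOC values are copied from the report; the log lines and the empty-input digests used for self-checking are constructed.

```python
"""Triage helpers for the IcedID sample above: hash a file against the
report's IOCs and look for its C2 domain in DNS/proxy log lines.

Added example, not part of the sandbox report. The IOC values are copied
from the report; the log lines below are constructed test data."""
import hashlib
import re
from typing import Dict, Iterable, List

# Indicators taken from the report's General and Malware Config sections.
IOC_HASHES: Dict[str, str] = {
    "md5": "9b7a8483c04543e87b09658717219d44",
    "sha1": "48741415154f1148d6910165658ed056e9ad7249",
    "sha256": "15c0f11ed817ad32034de1da17fda8d6328d895fda20548eda176ee0982c6aa8",
    "sha512": "cbc703457713d5e85024023b7f82927469f810c23a2b6b8994aceee03d4df6e3b6c09efa79d31067996bd82a9f7a3aae59c9787334057237f0deccb0b3f82192",
}
C2_DOMAIN = "floatascentry.com"
CAMPAIGN_ID = "4149266980"

ALGOS = ("md5", "sha1", "sha256", "sha512")


def digests_of_bytes(data: bytes) -> Dict[str, str]:
    """Return lowercase hex digests for all four algorithms the report lists."""
    return {name: hashlib.new(name, data).hexdigest() for name in ALGOS}


def digests_of_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file once through all four hashers (works for large files)."""
    hashers = {name: hashlib.new(name) for name in ALGOS}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def match_iocs(digests: Dict[str, str]) -> List[str]:
    """Names of the algorithms whose digest equals the report's IOC.
    Comparison is case-insensitive because feeds mix upper/lower hex."""
    return [
        name for name in ALGOS
        if name in digests and digests[name].lower() == IOC_HASHES[name]
    ]


# Matches the C2 domain itself or any subdomain of it as whole labels, so
# "cdn.floatascentry.com" matches but "notfloatascentry.com" does not.
_C2_RE = re.compile(
    r"(?<![A-Za-z0-9.-])(?:[A-Za-z0-9-]+\.)*"
    + re.escape(C2_DOMAIN)
    + r"(?![A-Za-z0-9-])",
    re.IGNORECASE,
)


def scan_log_lines(lines: Iterable[str]) -> List[str]:
    """Return the log lines that reference the C2 domain (or a subdomain)."""
    return [line for line in lines if _C2_RE.search(line)]


# Constructed sample log lines (not from the report) for a quick self-check.
SAMPLE_LOG = [
    "2022-07-25T12:01:03Z dns query A floatascentry.com from 10.0.0.14",
    "2022-07-25T12:01:04Z dns query A cdn.floatascentry.com from 10.0.0.14",
    "2022-07-25T12:01:05Z dns query A notfloatascentry.com from 10.0.0.22",
    "2022-07-25T12:01:06Z dns query A example.com from 10.0.0.14",
]

if __name__ == "__main__":
    import sys
    # Usage: python iocs.py <file> [<file> ...]
    for path in sys.argv[1:]:
        hits = match_iocs(digests_of_file(path))
        print(f"{path}: {'MATCH ' + ','.join(hits) if hits else 'no match'}")
    for line in scan_log_lines(SAMPLE_LOG):
        print("C2 hit:", line)
```

Hash matching on its own only catches this exact build of so2ra4.dll; the domain check is the more durable indicator, which is why it tolerates subdomains and case while still anchoring on label boundaries.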
