General

  • Target: IzMJUHe.dat
  • Size: 322KB
  • Sample: 220725-yz9y7sdch7
  • MD5: 08cf671edd7553ef571b6cd4a9c4ad63
  • SHA1: a095e222194489cb57273512838dcf41810019ce
  • SHA256: 268a0e71b17a982bded1faf4c0b32c1ecd470701de807e78a1470485e62c4317
  • SHA512: e8070e4f0ce743398fbaaa972b1b5ddcab86b4ca5d4151b8078a7d99c73d33270cd45919d512d1d8711852ce340f4d5816b4cd5ded0c92437459511973dbdfa4

Malware Config

Extracted

  • Family: icedid
  • Campaign: 801015007
  • C2: eventbloodd.com

Targets

    • Target: IzMJUHe.dat
    • Size: 322KB
    • MD5: 08cf671edd7553ef571b6cd4a9c4ad63
    • SHA1: a095e222194489cb57273512838dcf41810019ce
    • SHA256: 268a0e71b17a982bded1faf4c0b32c1ecd470701de807e78a1470485e62c4317
    • SHA512: e8070e4f0ce743398fbaaa972b1b5ddcab86b4ca5d4151b8078a7d99c73d33270cd45919d512d1d8711852ce340f4d5816b4cd5ded0c92437459511973dbdfa4

    • IcedID, BokBot
      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

MITRE ATT&CK Matrix

Tasks