General

  • Target: 1d8a5cf29136b0a33402645100b4f72e.exe
  • Size: 416KB
  • Sample: 221003-h9hppsdbc9
  • MD5: 1d8a5cf29136b0a33402645100b4f72e
  • SHA1: bbb4356c5b04f9dd8b9bcf7f663646cbe0b7af62
  • SHA256: b6b4a5060b407aee5d4724efaca8f8336f74989cbd590bb175479d8bb08d3126
  • SHA512: 4775af8994f497aa351ba8cc95bafb1581fa738bc287ad0a870552c11010e8587606a19b5d946138dc409397fc83e201a5eb88df771c34f11df37ad8f3e95db5

Malware Config

Extracted

  • Family: icedid
  • Campaign: 1776411935
  • C2: eliskapalu.com
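The hashes under General and the C2 domain in the extracted config are the indicators this report provides. The following Python is an added example, not part of the report or of any sandbox tooling, showing how a practitioner turns them into checks: chunked hashing of a file compared against the listed digests (case-insensitive, since feeds disagree on hex casing), and a domain match that respects label boundaries so "noteliskapalu.com" is not a hit, run over DNS log lines. The log line format, client IPs and the dummy file are constructed for the example; only the digests and the domain come from the page.

```python
"""IOC checks built from the indicators on this report page (added example)."""
import hashlib
import os
import re
import tempfile

# Indicators copied from the report above.
SAMPLE_HASHES = {
    "md5": "1d8a5cf29136b0a33402645100b4f72e",
    "sha1": "bbb4356c5b04f9dd8b9bcf7f663646cbe0b7af62",
    "sha256": "b6b4a5060b407aee5d4724efaca8f8336f74989cbd590bb175479d8bb08d3126",
    "sha512": "4775af8994f497aa351ba8cc95bafb1581fa738bc287ad0a870552c11010e858"
              "7606a19b5d946138dc409397fc83e201a5eb88df771c34f11df37ad8f3e95db5",
}
C2_DOMAINS = {"eliskapalu.com"}


def _new_hashers():
    return {name: hashlib.new(name) for name in SAMPLE_HASHES}


def digests_of_bytes(data):
    """Hex digests (all four algorithms from the report) of an in-memory blob."""
    hashers = _new_hashers()
    for h in hashers.values():
        h.update(data)
    return {name: h.hexdigest() for name, h in hashers.items()}


def file_digests(path, chunk_size=1 << 20):
    """Same as digests_of_bytes but streams the file in chunks, so a large
    sample is never loaded into memory at once."""
    hashers = _new_hashers()
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for h in hashers.values():
                h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_match(digests, known=SAMPLE_HASHES):
    """Return the set of algorithms whose digest equals the known value.
    Comparison is case-insensitive because tools disagree on hex casing."""
    return {
        algo for algo, value in digests.items()
        if algo in known and value.lower() == known[algo].lower()
    }


def domain_matches(fqdn, domains=C2_DOMAINS):
    """True if fqdn equals a C2 domain or is a subdomain of one.  A plain
    substring test would also flag 'noteliskapalu.com', so the comparison
    is done on label boundaries; a trailing dot (FQDN form) is tolerated."""
    fqdn = fqdn.lower().rstrip(".")
    return any(fqdn == d or fqdn.endswith("." + d) for d in domains)


# Constructed log format for the example: "<timestamp> <client> query: <qname>".
DNS_LINE = re.compile(r"^(?P<ts>\S+)\s+(?P<client>\S+)\s+query:\s+(?P<qname>\S+)")


def scan_dns_log(lines, domains=C2_DOMAINS):
    """Return (timestamp, client, qname) for every query of a C2 domain;
    lines that do not parse are skipped rather than raising."""
    hits = []
    for line in lines:
        m = DNS_LINE.match(line)
        if m and domain_matches(m.group("qname"), domains):
            hits.append((m.group("ts"), m.group("client"), m.group("qname")))
    return hits


# Constructed DNS log lines (not from the report).
SAMPLE_DNS_LOG = [
    "2022-10-03T07:41:12Z 10.0.0.15 query: eliskapalu.com",
    "2022-10-03T07:41:13Z 10.0.0.15 query: www.eliskapalu.com.",
    "2022-10-03T07:41:20Z 10.0.0.22 query: noteliskapalu.com",
    "2022-10-03T07:42:01Z 10.0.0.22 query: example.org",
    "garbage line that does not parse",
]


if __name__ == "__main__":
    # Hash a constructed dummy file: it will not match the report's sample,
    # which shows the negative case without needing the real binary.
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"not the real sample")
    try:
        print("matched algorithms:", hash_match(file_digests(tmp.name)))
    finally:
        os.unlink(tmp.name)
    for hit in scan_dns_log(SAMPLE_DNS_LOG):
        print("C2 lookup:", hit)
```

Point file_digests at a quarantined copy of the sample to confirm it is the same binary the report analysed before relying on the extracted C2; a sample that matches only MD5 but not SHA256 is a different file and should be treated as unverified.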

Targets

    • Target: 1d8a5cf29136b0a33402645100b4f72e.exe (size and hashes as listed under General)

    • IcedID (BokBot)

      IcedID, also tracked as BokBot, is a banking trojan first observed in 2017 that steals credentials through browser injection and is also used as a loader for follow-on payloads. The campaign ID and C2 domain listed above were extracted from its embedded configuration.

MITRE ATT&CK Matrix

Tactic columns shown on the report (no techniques are populated on this page): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation.