General

  • Target

    390ca42e60d1dac02598e5636aae63df.exe

  • Size

    556KB

  • Sample

    221003-h9hppsdbd2

  • MD5

    390ca42e60d1dac02598e5636aae63df

  • SHA1

    ef449a549d08e3666b4bf1270c475b48eb494a53

  • SHA256

    893222b345deb0d1ad76134d5772079681cb174f91b20cc8f6a78a148de8706f

  • SHA512

    6c279f8abf4c7d76ef9fc832e01f1829211ed27e609e461a3952b59ec5fd2d656292f8d25c82fce71ed73566f2324c4a00f81bb9857be0c2d89f0ca76c2a5dd6

Malware Config

Extracted

Family

icedid

Campaign

1776411935

C2

eliskapalu.com

Targets

    • IcedID, BokBot

      IcedID, also known as BokBot, is a modular banking trojan first observed in 2017. It steals banking credentials through browser web injects and is also used as an initial-access loader that retrieves follow-on payloads (such as Cobalt Strike or ransomware) from its C2 infrastructure.
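The following script is an added example and is not part of the sandbox report. It takes the file hashes and the C2 domain listed above and matches them against local files and DNS query logs. The hash values and the domain eliskapalu.com are copied from the report; the DNS log lines are constructed for the example, and the dnsmasq-style log format and the function names are assumptions. The domain check matches the C2 domain and its subdomains only, so a lookup for noteliskapalu.com or eliskapalu.com.example.net does not produce a false hit.

```python
"""Match the IOCs from this IcedID report against local files and DNS logs.

Added example, not part of the sandbox report. The hashes and C2 domain
are copied from the report; the DNS log lines are constructed.
"""
import hashlib
import io
import os
import re
import tempfile

# IOCs taken from the report above.
SAMPLE_HASHES = {
    "md5": "390ca42e60d1dac02598e5636aae63df",
    "sha1": "ef449a549d08e3666b4bf1270c475b48eb494a53",
    "sha256": "893222b345deb0d1ad76134d5772079681cb174f91b20cc8f6a78a148de8706f",
    "sha512": "6c279f8abf4c7d76ef9fc832e01f1829211ed27e609e461a3952b59ec5fd2d65"
              "6292f8d25c82fce71ed73566f2324c4a00f81bb9857be0c2d89f0ca76c2a5dd6",
}
C2_DOMAINS = {"eliskapalu.com"}


def hash_stream(fh, chunk_size=1 << 20):
    """Return lowercase hex digests for all four algorithms, reading in chunks."""
    hashers = {name: hashlib.new(name) for name in SAMPLE_HASHES}
    for chunk in iter(lambda: fh.read(chunk_size), b""):
        for h in hashers.values():
            h.update(chunk)
    return {name: h.hexdigest() for name, h in hashers.items()}


def hash_file(path):
    """Hash a file on disk without loading it into memory at once."""
    with open(path, "rb") as fh:
        return hash_stream(fh)


def hash_bytes(data):
    """Hash an in-memory byte string (convenient for tests and captured payloads)."""
    return hash_stream(io.BytesIO(data))


def match_hashes(digests):
    """Return the algorithms whose digest equals the sample's (case-insensitive)."""
    return {
        name for name, value in digests.items()
        if name in SAMPLE_HASHES and value.lower() == SAMPLE_HASHES[name]
    }


def is_c2_domain(name):
    """True for the C2 domain itself or any subdomain of it.

    A plain substring test would also flag 'noteliskapalu.com' or
    'eliskapalu.com.example.net'; matching on label boundaries avoids that.
    """
    name = name.lower().rstrip(".")
    return any(name == c2 or name.endswith("." + c2) for c2 in C2_DOMAINS)


# Assumed dnsmasq-style line: "<timestamp> dnsmasq query[<type>] <qname> from <client>"
DNS_LOG_RE = re.compile(
    r"^\S+ \S+ query\[(?P<qtype>\w+)\] (?P<qname>\S+) from (?P<client>\S+)$"
)


def scan_dns_log(lines):
    """Return (client, qname) pairs for every query that resolves the C2 domain."""
    hits = []
    for line in lines:
        m = DNS_LOG_RE.match(line.strip())
        if not m:
            continue  # unparseable line; skipped rather than silently matched
        qname = m.group("qname").lower().rstrip(".")
        if is_c2_domain(qname):
            hits.append((m.group("client"), qname))
    return hits


SAMPLE_DNS_LOG = [  # constructed log lines for this example
    "2022-10-03T09:13:01 dnsmasq query[A] eliskapalu.com from 10.0.0.15",
    "2022-10-03T09:13:02 dnsmasq query[A] www.microsoft.com from 10.0.0.15",
    "2022-10-03T09:13:05 dnsmasq query[AAAA] cdn.eliskapalu.com. from 10.0.0.22",
    "2022-10-03T09:13:06 dnsmasq query[A] eliskapalu.com.example.net from 10.0.0.9",
    "2022-10-03T09:13:07 dnsmasq query[A] noteliskapalu.com from 10.0.0.9",
]

if __name__ == "__main__":
    # Hash a constructed benign file: none of the four digests should match.
    with tempfile.NamedTemporaryFile(delete=False) as tmp:
        tmp.write(b"not the sample")
    try:
        print("hash matches:", match_hashes(hash_file(tmp.name)))
    finally:
        os.unlink(tmp.name)
    print("C2 lookups:", scan_dns_log(SAMPLE_DNS_LOG))
```

Comparing all four digests is deliberate: a single algorithm is enough to identify the file, but feeds and tickets often carry only one of them, so the matcher accepts whichever the caller has.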

MITRE ATT&CK Matrix

Tactic columns: Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation