General

  • Target

    0973f6f6a3150d115f63c023a5208cfb.exe

  • Size

    13KB

  • Sample

    221003-h9hppsefgn

  • MD5

    0973f6f6a3150d115f63c023a5208cfb

  • SHA1

    4c5b9ce6d6c3e11f6c11b12fc1465319facc8ea7

  • SHA256

    b3063a902d1acc5bdafb98a7976974ea2430b8d62d8aeb414cc3f2fab190dafa

  • SHA512

    9a7adb738ce42550f85de06578000603cf0e8d8f2b7556ff45c2db22d2b7b8fff79f12c5a3200e11bd6ca9ae01ee263fcc18d370b3d1dd12b1125496f25bdee7

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    1776411935

  • C2

    eliskapalu.com

Extracted

  • Family

    icedid

  • Campaign

    1776411935
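The extracted config gives three things a responder can act on immediately: the file hashes, the campaign ID and the C2 domain. The script below is an added example, not part of the sandbox report, that turns them into a checker: it validates that the copied hashes are well-formed, hashes local files against the sample, and scans log lines for lookups of the C2 domain or any host under it. The hashes and domain are taken from the report; the key=value log format and the log lines are constructed here so the script runs offline, and the `*.exe` glob in the usage section is an assumed starting point, not a path from the report.

```python
"""IOC checker built from the IcedID config extracted above.

Added example, not part of the sandbox report. Hashes and C2 domain are copied
from the report; the log lines and the key=value log format are constructed.
"""
import hashlib
import re
from pathlib import Path

# IOCs copied from the report above.
IOC_HASHES = {
    "md5": "0973f6f6a3150d115f63c023a5208cfb",
    "sha1": "4c5b9ce6d6c3e11f6c11b12fc1465319facc8ea7",
    "sha256": "b3063a902d1acc5bdafb98a7976974ea2430b8d62d8aeb414cc3f2fab190dafa",
}
C2_DOMAINS = {"eliskapalu.com"}
CAMPAIGN_ID = 1776411935

# Expected hex digest lengths; a truncated or mis-pasted IOC shows up here.
DIGEST_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_hashes(hashes):
    """Return the names of hashes whose length or alphabet is wrong."""
    return [alg for alg, hx in hashes.items()
            if len(hx) != DIGEST_LEN[alg] or not re.fullmatch(r"[0-9a-f]+", hx.lower())]


def hash_file(path):
    """Compute md5/sha1/sha256 of a file in one chunked pass."""
    hashers = {alg: hashlib.new(alg) for alg in ("md5", "sha1", "sha256")}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(1 << 20), b""):
            for h in hashers.values():
                h.update(chunk)
    return {alg: h.hexdigest() for alg, h in hashers.items()}


def file_matches(path, iocs=IOC_HASHES):
    """Return the algorithms under which the file matches the sample (empty if none)."""
    digests = hash_file(path)
    return sorted(alg for alg, hx in iocs.items() if digests.get(alg) == hx.lower())


def is_c2_host(host, c2=C2_DOMAINS):
    """True for the C2 domain itself or any subdomain of it.

    Case-insensitive and tolerant of a trailing dot. The IOC must be the
    suffix: 'eliskapalu.com.cdn.example' is a different domain and must not match.
    """
    h = host.lower().rstrip(".")
    return any(h == d or h.endswith("." + d) for d in c2)


# Constructed DNS/proxy log lines in a made-up key=value format (not from the report).
SAMPLE_LOG = [
    "2022-10-03T09:01:11Z src=10.0.0.21 qname=update.microsoft.com rcode=NOERROR",
    "2022-10-03T09:01:14Z src=10.0.0.21 qname=eliskapalu.com rcode=NOERROR",
    "2022-10-03T09:01:15Z src=10.0.0.21 host=WWW.ELISKAPALU.COM. method=GET",
    "2022-10-03T09:02:40Z src=10.0.0.22 qname=eliskapalu.com.cdn.example rcode=NXDOMAIN",
]
HOST_FIELD = re.compile(r"\b(?:qname|host)=(\S+)")


def scan_log_lines(lines):
    """Return (line_number, host) for every line whose queried host is the C2 or under it."""
    hits = []
    for n, line in enumerate(lines, 1):
        m = HOST_FIELD.search(line)
        if m and is_c2_host(m.group(1)):
            hits.append((n, m.group(1)))
    return hits


if __name__ == "__main__":
    bad = validate_hashes(IOC_HASHES)
    print("malformed IOC hashes:", bad or "none")
    for n, host in scan_log_lines(SAMPLE_LOG):
        print(f"C2 contact, line {n}: {host} (icedid campaign {CAMPAIGN_ID})")
    # Assumed starting point for a file sweep; adjust the path to the collected evidence.
    for p in Path(".").glob("*.exe"):
        matched = file_matches(p)
        if matched:
            print(f"{p}: matches sample hash ({', '.join(matched)})")
```

The suffix check in `is_c2_host` is the part worth copying: a naive substring match on the C2 domain flags `eliskapalu.com.cdn.example` and misses `WWW.ELISKAPALU.COM.`, which is the opposite of what the report's IOC should do.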

Targets

    • Target

      0973f6f6a3150d115f63c023a5208cfb.exe

    • Size

      13KB

    • MD5

      0973f6f6a3150d115f63c023a5208cfb

    • SHA1

      4c5b9ce6d6c3e11f6c11b12fc1465319facc8ea7

    • SHA256

      b3063a902d1acc5bdafb98a7976974ea2430b8d62d8aeb414cc3f2fab190dafa

    • SHA512

      9a7adb738ce42550f85de06578000603cf0e8d8f2b7556ff45c2db22d2b7b8fff79f12c5a3200e11bd6ca9ae01ee263fcc18d370b3d1dd12b1125496f25bdee7

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a modular banking trojan that steals credentials and is widely used as a loader for follow-on payloads.

MITRE ATT&CK Matrix

  Tactic columns (header only; the report maps no techniques for this sample): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation