General

  • Target

    35d05b8f6fe88513019a9b6969d26d7c.dll

  • Size

    672KB

  • Sample

    221004-s4269sbdb3

  • MD5

    35d05b8f6fe88513019a9b6969d26d7c

  • SHA1

    273ad00c6c8d25f4cd4514c62a4ce4cb6d42b64f

  • SHA256

    44bc48faacec22e57e39e4df753cd32619c8e61d106d0818dca8ad749396c1a6

  • SHA512

    d3754d1987e986ef5d14fc633d28c33ee7ab092f9d641d400a193097c8e9c16240064de2989a46ebade327c36d25583101fa5ddb44012bf78d12dc76884aac63

  • SSDEEP

    12288:Pk0bSzrCEhwrC8yIJrlwgOW9xwMGwy0w7w4wJ+wwwZwb8bewf+HwddBlvh:Pk0mPXR0gI7h

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    2399258081

  • C2

    eysneolissionsm.com

Targets

    • Target

      35d05b8f6fe88513019a9b6969d26d7c.dll

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request
