General

  • Target

    decontaminating.dat

  • Size

    127KB

  • Sample

    221018-yvjlfsded6

  • MD5

    eb7b2dc3fc139c52bb935a2dd8bba5cf

  • SHA1

    6c0b7dda3f550d1d8ecc503c5faa91acf36214ab

  • SHA256

    af607b3f29a36b96b158e5d9244553ae4042575c5f2941f55229fe8f9ae2b9a0

  • SHA512

    0d46464a25af12d0ba362911164d721034a4ac7398cc05444c03f5ea88981de39f05d13f0c5055618ffaff5d93442fa8ff583b7ac85c572f9d8af65a12de5624

  • SSDEEP

    1536:vMwa03OsvtjgoEtT44F0oGayiQ0OWAiR4BWIJ+lcNrPQIpC3Wrt9:kwj3OsF8GjMyiYWraaot9

Malware Config

Extracted

Family

icedid

Campaign

4182817597

C2

salimjizita.com
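The extracted C2 domain and the file hashes in this report are the indicators a defender would hunt with. The following Python is an added example, not code from tria.ge or from the report, that matches those indicators against a constructed DNS query log and against file contents. The log format, timestamps and client addresses are assumptions. The domain check compares on label boundaries, so a look-alike such as notsalimjizita.com does not fire, and it tolerates upper case and a trailing dot as DNS logs often record names. IcedID campaigns rotate C2 domains, so a hit on this one domain is evidence of this campaign, not a general test for the family; the hash match is exact and will miss any recompiled or repacked build.

```python
import hashlib

# Indicators copied from the Triage report above: the sample's hashes and the
# C2 domain from the extracted IcedID config. The campaign ID only labels hits.
FAMILY = "icedid"
CAMPAIGN_ID = 4182817597
C2_DOMAINS = {"salimjizita.com"}
SAMPLE_HASHES = {
    "md5": "eb7b2dc3fc139c52bb935a2dd8bba5cf",
    "sha1": "6c0b7dda3f550d1d8ecc503c5faa91acf36214ab",
    "sha256": "af607b3f29a36b96b158e5d9244553ae4042575c5f2941f55229fe8f9ae2b9a0",
}

# Constructed DNS query log (not from the report). Assumed format, one query
# per line: "<timestamp> <client-ip> <qname> <qtype>".
DNS_LOG = """\
2022-10-18T10:31:02Z 10.0.0.15 salimjizita.com A
2022-10-18T10:31:04Z 10.0.0.15 update.SalimJizita.com. A
2022-10-18T10:31:05Z 10.0.0.22 notsalimjizita.com A
2022-10-18T10:31:07Z 10.0.0.22 example.com AAAA
"""


def match_domain(qname, blocked=C2_DOMAINS):
    """Return the blocked domain that qname equals or is a subdomain of, else None.

    Comparison is case-insensitive and ignores a trailing dot (FQDN form).
    Requiring "." + domain for the suffix case keeps look-alikes such as
    notsalimjizita.com from matching.
    """
    name = qname.rstrip(".").lower()
    for domain in blocked:
        if name == domain or name.endswith("." + domain):
            return domain
    return None


def scan_dns_log(log_text, blocked=C2_DOMAINS):
    """Return a list of (timestamp, client, qname, matched_domain) for each hit."""
    hits = []
    for line in log_text.splitlines():
        parts = line.split()
        if len(parts) < 3:
            continue  # skip malformed lines instead of aborting the scan
        ts, client, qname = parts[0], parts[1], parts[2]
        matched = match_domain(qname, blocked)
        if matched:
            hits.append((ts, client, qname, matched))
    return hits


def hash_bytes(data):
    """Compute the same three digests the report lists for the sample."""
    return {
        "md5": hashlib.md5(data).hexdigest(),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def matching_hashes(data, known=SAMPLE_HASHES):
    """Return the set of algorithms whose digest of data equals the known sample's."""
    digests = hash_bytes(data)
    return {alg for alg, value in digests.items() if known.get(alg) == value}


if __name__ == "__main__":
    for ts, client, qname, matched in scan_dns_log(DNS_LOG):
        print(f"{ts} {client} queried {qname} -> {FAMILY} campaign {CAMPAIGN_ID} C2 {matched}")
    # Constructed placeholder bytes, not the sample: no algorithm should match.
    print(matching_hashes(b"constructed placeholder, not the sample"))
```

Run it against a real resolver or proxy log by replacing DNS_LOG with the file contents; only the first three whitespace-separated fields are used, so most text-format DNS logs need no further parsing.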

Targets

    • Target

      decontaminating.dat

    • IcedID, BokBot

      IcedID (also known as BokBot) is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request