General

  • Target

    overcasting.dll

  • Size

    161KB

  • Sample

    221202-ehbwasbd88

  • MD5

    13dc944a91cffd0385e29ea899a43af2

  • SHA1

    793cfb6887fd324583ab1df77ff5e96391a3887b

  • SHA256

    af5f6f066ffc8c375d6e4d1138d63da32014d7ea21b8b7582da0cd8b97794cbe

  • SHA512

    258c0c920f0e76f2b883f967cf73114890f61abbee0824d9b2e913623feaeb53c2b1179bc34df49627fe39459e1d9b20986186015fa0168c7b452eeba7449c39

  • SSDEEP

    3072:rag+wcWn3nAVoBOSMc3NtwhGNS+4is6b2:rJwYl3S1ub2

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    2271535685

  • C2

    babysoftletirs.com

Targets

    • Target

      overcasting.dll

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
