General

  • Target: 1ac394ddbf23133627ffd200704a247e.bin.bin
  • Size: 1.8MB
  • Sample: 230430-z4mj5sdb7s
  • MD5: 779db7a2d646557891a2d6bf5b1dd441
  • SHA1: 745ead7a28fa33e9379181be64989ef9696ceb96
  • SHA256: 698a0dae88f839dd932587eaee64d459176659f3afe2ebd9c81f69162b18fd37
  • SHA512: 24a97ceff4313c8c0430452600f7acedbe4cdfc23a266572d4c9da4e535ea4bdc61478cbb19050ce580077f8d0a09d5b5d5505e453824cfe7657edc1cc251678
  • SSDEEP: 49152:wA7hfFVwCuWXiV4NxJ3glOrVCsi/WVqnnMOoKXIfOHqd:T7S2NDglMVCNxnRDguqd

Malware Config

Extracted

  • Family: icedid

Targets

    • Target: e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af.exe
    • Size: 5.0MB
    • MD5: 1ac394ddbf23133627ffd200704a247e
    • SHA1: bc1c8ad6d75714352fe7665e8ea18df883b79f78
    • SHA256: e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af
    • SHA512: 2b9ea36eb2114dd83ab34615a31a2fbc2d9fe62c3e09ce820273ec719945cef28db0376c635a0c682dd16fea273cbad544deb32a1da88f6661595d0b97b68902
    • SSDEEP: 49152:NtErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:NtEbfa1xNL2g3mrEB/

    Signatures

    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
    • Matiex: Matiex is a keylogger and infostealer first seen in July 2020.
    • Matiex Main payload
    • Detectes Phoenix Miner Payload
