General

  • Target: 0317-1.bin
  • Size: 328KB
  • Sample: 231011-3thpzsec88
  • MD5: bb7da19e0399724519724d44d7c331c7
  • SHA1: b10fb1c24b1d4187e24ee1be76b6247b862b214c
  • SHA256: 5e3bb62b44636f502e387d4c00bd5a7bc1d040332028238ccd812f73e6d859ca
  • SHA512: b68e3f3fec30cac41a11a939e0a5e9db2e45574cb31201fb9dd92657cd03edc060df4f7026ce2f1d9617b48ac88769dcb67958aea040684e661be82d0f8f3fd9
  • SSDEEP: 6144:yN/F41OWGRkFtwxW6spj/JbUaeboh6EReEUHFmUC3qS7e/g1j:y5FCOWGRayW6sAowXFmUy4U

Malware Config

Extracted

  • Family: icedid
  • Campaign: 361893872

Targets

    • Target: 0317-1.bin

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

    • Loads dropped DLL
