General

  • Target: 0x00060000000231c5-2.dll
  • Size: 328KB
  • Sample: 231012-a3a3aafh73
  • MD5: 7088a08179ec6c352a8526afa9e13004
  • SHA1: 088ba043196133dd255dd0e70106a6dd26aa788b
  • SHA256: ead7621affb3dcfa1137359639f3df8060fca2e5aafd65322a7d67745726b88c
  • SHA512: d55aaf337800ca84e996c9cc3e53b90fba4817b8a27af3a93ca7c5d470d72bba683e45d93dbe3c860103ef07042cc5b3b07232d43fa31c05fe15dbc63ec27377
  • SSDEEP: 6144:hN/F41OWGRkFtwxW6spj/JbUaeboh6EReEUHFmUBRXzXcOkLz1KQzY:h5FCOWGRayW6sAowXFmUBtDgrz

Malware Config

Extracted

  • Family: icedid
  • Campaign: 361893872

Targets

    • Target: 0x00060000000231c5-2.dll
    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.
    • Blocklisted process makes network request
    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks