General

  • Target: a12045a6177dd32af8b39dea93fa92962ff1716381d0d137dede1fc75ecd2c0c_JC.exe

  • Size: 328KB

  • Sample: 231012-xkxjwsbd56

  • MD5: 510e0f061b1c3ff84f4cc810ff1dc6b2

  • SHA1: 6c0cb0d21dde5ec87d30c4d15025f50ab293c062

  • SHA256: a12045a6177dd32af8b39dea93fa92962ff1716381d0d137dede1fc75ecd2c0c

  • SHA512: 09094d9fd88f7d519844f085d1e586e1e974a5f907cc99aa60f23f73e603be168040212eff14fe6cdc53bebc7536d307269a1c77cad22b4e7cabf89213b8f3ea

  • SSDEEP: 6144:tN/F41OWGRkFtwxW6spj/JbUaeboh6EReEUHFmUAkHecHYKjrygmsp:t5FCOWGRayW6sAowXFmUALjKjryg

Malware Config

Extracted

Family

icedid

Campaign

361893872

Targets

    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks