General

  • Target

    Doc-2023-10-19-6409.zip

  • Size

    179KB

  • Sample

    231019-3d1wmace8w

  • MD5

    3b8f3180e48ba139cb43efea5f1b3427

  • SHA1

    4d891aee545139f0261d61cdfc7e45ddcb25b8a0

  • SHA256

    4940b0063dbccd10229aef16b33200ca959f2e35b2fcf4d441b3429c78656d3f

  • SHA512

    dae48f6ca3bfd5bd43e69017e57eca29ad19e261729af0c035b7813d780e6438b74b36a5cac3c0059da3037d84c4ac2e20ad0b4aedf8fb28c9e92e8c52b6a634

  • SSDEEP

    3072:67XthullEm/vdGYuGzxQj8Easc1E4KTD2kySqaK/SJKjsB7Yk0MVtOhDejASWf:KWEso+zew1KmkySqy0s9lt0etWf

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    2478295045

  • C2

    mistulinno.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Modifies Installed Components in the registry

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

MITRE ATT&CK Enterprise v15

Tasks