Resubmissions

19-10-2023 13:04

231019-qaxnkshe75 10

19-10-2023 13:00

231019-p8wy9sga61 3

General

  • Target

    19102023_2100_v88_icedid.dll

  • Size

    833KB

  • Sample

    231019-qaxnkshe75

  • MD5

    7dfd0210ba41d4770da5263da927bf3c

  • SHA1

    176becb76c918482a1a62e42b2ec284cf3dcc6fc

  • SHA256

    332ea58e17b19b4a13b380f51dca7670452084efeed0165bbaa40d717d33c85c

  • SHA512

    05dbf72c965994705affde8eb55101eea2ddf92fa5ab7bb287301f61c8446113cdbfaca962f8a07be2585a8d77009e7c48eaf6cab7a2488957437975aa92be27

  • SSDEEP

    12288:RKTY83GfyvVf4OelYfHoFA05ETwt3AHhlyt8bXTw05nmZfRfH:8TdvVf4+6eTw3AvgAmZfR

Malware Config

Extracted

Family

icedid

Campaign

1075006942

C2

mistulinno.com

Targets

    • Target

      19102023_2100_v88_icedid.dll

    • Size

      833KB

    • MD5

      7dfd0210ba41d4770da5263da927bf3c

    • SHA1

      176becb76c918482a1a62e42b2ec284cf3dcc6fc

    • SHA256

      332ea58e17b19b4a13b380f51dca7670452084efeed0165bbaa40d717d33c85c

    • SHA512

      05dbf72c965994705affde8eb55101eea2ddf92fa5ab7bb287301f61c8446113cdbfaca962f8a07be2585a8d77009e7c48eaf6cab7a2488957437975aa92be27

    • SSDEEP

      12288:RKTY83GfyvVf4OelYfHoFA05ETwt3AHhlyt8bXTw05nmZfRfH:8TdvVf4+6eTw3AvgAmZfR

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks