General

  • Target

    20102023_0047_U1rA_icedid.dll

  • Size

    833KB

  • Sample

    231019-vaxqssae99

  • MD5

    283d4cf18ca1b0c174227fdace51ab33

  • SHA1

    0ee1721dc7873818919fa811f20ce45d6a1bfc2f

  • SHA256

    0b86c23d1265a43cbadb18813165cf5978de8a14b7ac4f6914e859783878ace9

  • SHA512

    4a840027e1e704f4989d30166a21f25c8f1b27ffe2ddf4a17528ff58b219d62e6c75b1fd37adb32af45294ae8ba28a00be10751ab4e0d0b19350431ee8a5f232

  • SSDEEP

    12288:RKTY83GfyvVf4OelYfHoFA05ETwt3AHhlyt8bXTw05nmZfRfE:8TdvVf4+6eTw3AvgAmZfR

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    1075006942

  • C2

    mistulinno.com

Targets

    • Target

      20102023_0047_U1rA_icedid.dll

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Drops file in System32 directory

MITRE ATT&CK Matrix

Tasks