Resubmissions

06-01-2024 23:25

240106-3ep6hsabhj 10

24-07-2020 17:12

200724-he6fb8dnc6 8

General

  • Target

    111.jpg

  • Size

    363KB

  • Sample

    240106-3ep6hsabhj

  • MD5

    4896a4b3071b13c65fefc4842464843b

  • SHA1

    583b57b0c60a640c908fbf37f1b50fcfab57a96d

  • SHA256

    6196a0966d3fbe5726736f0fd7661a0a928fdce345cb377e79cea039594a79f0

  • SHA512

    a24eba4bfaf1c41387ba66b21ba9ddd16d2cf9b3b333fb7c11391ec517d38a4c553bf936232c8d263c4af47caba4b3d439e1864859dad55bcebce9f43b78fc19

  • SSDEEP

    6144:MdMOmNDo0xxiR2BcDeP0PDcTeZJIUJgLdAA:MoDo0DiR2BcqP8DGerzA

Malware Config

Extracted

Family

icedid

C2

loadkanoe.casa

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID First Stage Loader

    • Blocklisted process makes network request
