icedid | 605d6dbb783fb7ffd54f5f8d9a3cbaf6aa23bbe5c7b384b3c9aa7a23b9b3c150 | Triage

Sharing

General

Target

EyeuD.txt
Size

210KB
Sample

201021-3gkezlhr6e
MD5

52e8aeb0c82df0d2d7a1166a252fd0c3
SHA1

04fe34a62ccbe36b284957cdd7b0e403b4ae725c
SHA256

605d6dbb783fb7ffd54f5f8d9a3cbaf6aa23bbe5c7b384b3c9aa7a23b9b3c150
SHA512

d15c41f339349a58b9353019da9d5a3c8cb9216e0473b06144fb035d33ca2854d9ff8b01a0c3cde18aea693266ac5f12ff52dda2858e0490be7b1b0813695402

Score

10^/10

icedid 1949629567 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

1949629567

Targets

- Target
  
  EyeuD.txt
- Size
  
  210KB
- MD5
  
  52e8aeb0c82df0d2d7a1166a252fd0c3
- SHA1
  
  04fe34a62ccbe36b284957cdd7b0e403b4ae725c
- SHA256
  
  605d6dbb783fb7ffd54f5f8d9a3cbaf6aa23bbe5c7b384b3c9aa7a23b9b3c150
- SHA512
  
  d15c41f339349a58b9353019da9d5a3c8cb9216e0473b06144fb035d33ca2854d9ff8b01a0c3cde18aea693266ac5f12ff52dda2858e0490be7b1b0813695402
Score

10^/10

icedid 1949629567 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid1949629567bankertrojan

behavioral2