icedid | b1b6ca3dd3d6ef951acc6d0fb2b30b9d82d2f7d29deffd3b4346d0fba522a485 | Triage

Sharing

General

Target

SecuriteInfo.com.Variant.Mikey.116711.25037.867
Size

131KB
Sample

201114-kchxrqld6s
MD5

1519a2dbe2f250a807f8c1b99ee3fc38
SHA1

257cac81f1445896059d2d228b42e3c909bca097
SHA256

b1b6ca3dd3d6ef951acc6d0fb2b30b9d82d2f7d29deffd3b4346d0fba522a485
SHA512

f338ecc831cf46c401fc7f2b9f2ff6faf2c5486c70402e9cd8b3767f6c2c1522f35431651f1c16e0a49f0bb401fb4959b428d2cd1e5ba5b920ee89fc69ab0e6e

Score

10^/10

icedid 3765533603 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

3765533603

Targets

- Target
  
  SecuriteInfo.com.Variant.Mikey.116711.25037.867
- Size
  
  131KB
- MD5
  
  1519a2dbe2f250a807f8c1b99ee3fc38
- SHA1
  
  257cac81f1445896059d2d228b42e3c909bca097
- SHA256
  
  b1b6ca3dd3d6ef951acc6d0fb2b30b9d82d2f7d29deffd3b4346d0fba522a485
- SHA512
  
  f338ecc831cf46c401fc7f2b9f2ff6faf2c5486c70402e9cd8b3767f6c2c1522f35431651f1c16e0a49f0bb401fb4959b428d2cd1e5ba5b920ee89fc69ab0e6e
Score

10^/10

icedid 3765533603 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid3765533603bankertrojan

behavioral2