icedid | a2a9ecf82d0ab335d901f5d7e4f085c4d03692e5eadb52d0ac5843d387204fe0 | Triage

Sharing

General

Target

a2a9ecf82d0ab335d901f5d7e4f085c4d03692e5eadb52d0ac5843d387204fe0
Size

429KB
Sample

210603-rpe35j137n
MD5

cd88c540b4c5aa55947cf474e8e433af
SHA1

47bb790cecf426f51bb6111a8370f086ce9d94da
SHA256

a2a9ecf82d0ab335d901f5d7e4f085c4d03692e5eadb52d0ac5843d387204fe0
SHA512

4b82835e2ab7f2661e0509c9c99eb2cd2cf9bc7af7c4620e32e5e117d78cd91a56ef4e5a1cac1f7f80caa937cfb0596c8108ba1a9c92ca82356aec5f2811c287

Score

10^/10

icedid 548569227 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

548569227

C2

buzzinmaster.live

Targets

- Target
  
  a2a9ecf82d0ab335d901f5d7e4f085c4d03692e5eadb52d0ac5843d387204fe0
- Size
  
  429KB
- MD5
  
  cd88c540b4c5aa55947cf474e8e433af
- SHA1
  
  47bb790cecf426f51bb6111a8370f086ce9d94da
- SHA256
  
  a2a9ecf82d0ab335d901f5d7e4f085c4d03692e5eadb52d0ac5843d387204fe0
- SHA512
  
  4b82835e2ab7f2661e0509c9c99eb2cd2cf9bc7af7c4620e32e5e117d78cd91a56ef4e5a1cac1f7f80caa937cfb0596c8108ba1a9c92ca82356aec5f2811c287
Score

10^/10

icedid 548569227 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Suspicious use of NtCreateProcessExOtherParentProcess
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid548569227bankertrojan

behavioral2

icedid548569227bankertrojan