icedid | 5c733d57143d5fd9777daee8aec2e907dbf31ba9acb97ed1a3ae9cbcd3bc01d3 | Triage

Submit
Reports

Overview

overview

Static

static

5C733D5714...97.exe

windows7_x64

5C733D5714...97.exe

windows10_x64

Resubmissions

11-11-2021 12:40

211111-pwejfsgdcp 10

07-11-2021 19:52

211107-yldzlsgbfp 10

Sharing

General

Target

5C733D57143D5FD9777DAEE8AEC2E907DBF31BA9ACB97.exe
Size

1.2MB
Sample

211111-pwejfsgdcp
MD5

37fa9f54837a71c9fc640ac78cac9646
SHA1

4177211a427d5710e02ce37b2fdc4ef62b174067
SHA256

5c733d57143d5fd9777daee8aec2e907dbf31ba9acb97ed1a3ae9cbcd3bc01d3
SHA512

f99e17855f15f78c7bbc47d2141a2be8e3e5a9acfbed26c4ffbda6d5bfaea990ecbb00c9e69cb60402b7235fb1482216c51ca5542cec7f877e82ae62cf9761b6

Score

10^/10

icedid 949083261 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

5C733D57143D5FD9777DAEE8AEC2E907DBF31BA9ACB97.exe

Resource

win7-en-20211014

icedid 949083261 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5C733D57143D5FD9777DAEE8AEC2E907DBF31BA9ACB97.exe

Resource

win10-en-20211104

icedid 949083261 banker loader suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

949083261

C2

kitchenbiggy.best

Targets

- Target
  
  5C733D57143D5FD9777DAEE8AEC2E907DBF31BA9ACB97.exe
- Size
  
  1.2MB
- MD5
  
  37fa9f54837a71c9fc640ac78cac9646
- SHA1
  
  4177211a427d5710e02ce37b2fdc4ef62b174067
- SHA256
  
  5c733d57143d5fd9777daee8aec2e907dbf31ba9acb97ed1a3ae9cbcd3bc01d3
- SHA512
  
  f99e17855f15f78c7bbc47d2141a2be8e3e5a9acfbed26c4ffbda6d5bfaea990ecbb00c9e69cb60402b7235fb1482216c51ca5542cec7f877e82ae62cf9761b6
Score

10^/10

icedid 949083261 banker loader suricata trojan
- ICEDID gziploader 2021
  gziploader.
  banker
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- suricata: ET MALWARE Win32/IcedID Requesting Encoded Binary M4
  suricata: ET MALWARE Win32/IcedID Requesting Encoded Binary M4
  suricata
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid949083261bankerloadersuricatatrojan

behavioral2

icedid949083261bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy