icedid | b0949b2e67bc892697c3673a94a1c1dded126c4286c1846f62f0ffc892cd20ec | Triage

Sharing

General

Target

095451b32948ac9f19b91fb2762dd983.dll
Size

251KB
Sample

211202-mvjexaehdj
MD5

095451b32948ac9f19b91fb2762dd983
SHA1

d4f7abf8914d8444f5b8356278f23071e9e72131
SHA256

b0949b2e67bc892697c3673a94a1c1dded126c4286c1846f62f0ffc892cd20ec
SHA512

6cc3d6035a7c8c1d7075603cf772c87dd9eae48ddc47dfb0051df268ea511f00cfc609584f8160f2d0fe14c8ed3dd896093b0600595db62753226fcf06d80bfd

Score

10^/10

icedid 1892568649 banker suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

- Target
  
  095451b32948ac9f19b91fb2762dd983.dll
- Size
  
  251KB
- MD5
  
  095451b32948ac9f19b91fb2762dd983
- SHA1
  
  d4f7abf8914d8444f5b8356278f23071e9e72131
- SHA256
  
  b0949b2e67bc892697c3673a94a1c1dded126c4286c1846f62f0ffc892cd20ec
- SHA512
  
  6cc3d6035a7c8c1d7075603cf772c87dd9eae48ddc47dfb0051df268ea511f00cfc609584f8160f2d0fe14c8ed3dd896093b0600595db62753226fcf06d80bfd
Score

10^/10

icedid 1892568649 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1892568649bankersuricatatrojan

behavioral2

icedid1892568649bankersuricatatrojan