icedid | 0e5354472a74178e1cf746c9a82ed7b1e18efa43631d812839a03f0cc9f31317 | Triage

Sharing

General

Target

triage_dropped_file
Size

266KB
Sample

211202-r3k1xschb3
MD5

21a3bdc1f1e69e698662a5673ae96ef6
SHA1

57613a9775dbf9a4773987a183a22df5f821298c
SHA256

0e5354472a74178e1cf746c9a82ed7b1e18efa43631d812839a03f0cc9f31317
SHA512

c9202f143fa48dda15d8a8447d7d12fb95ce0476d400292fb8bff6d8c017e00cf19540b8b6c18963a0c3d742fd8b9d723dd7b968ea9e0c85402d3e7de1ca1014

Score

10^/10

icedid 1892568649 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

- Target
  
  triage_dropped_file
- Size
  
  266KB
- MD5
  
  21a3bdc1f1e69e698662a5673ae96ef6
- SHA1
  
  57613a9775dbf9a4773987a183a22df5f821298c
- SHA256
  
  0e5354472a74178e1cf746c9a82ed7b1e18efa43631d812839a03f0cc9f31317
- SHA512
  
  c9202f143fa48dda15d8a8447d7d12fb95ce0476d400292fb8bff6d8c017e00cf19540b8b6c18963a0c3d742fd8b9d723dd7b968ea9e0c85402d3e7de1ca1014
Score

10^/10

icedid 1892568649 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1892568649bankertrojan

behavioral2

icedid1892568649bankertrojan