icedid | 5cf6c27cd0633dc3de8237f66e85b4c4aaf28dcedbb4918b1c402149f6a75189 | Triage

Sharing

General

Target

b97222607eb87c6370bf1353d6094b1d.dll
Size

266KB
Sample

211202-t64csaaedk
MD5

b97222607eb87c6370bf1353d6094b1d
SHA1

6d8596e064eb685a82b5a5d9216f8e8df94f7c6c
SHA256

5cf6c27cd0633dc3de8237f66e85b4c4aaf28dcedbb4918b1c402149f6a75189
SHA512

2dd19e79e1e91603e110d42ab959d6173fa4c9e35d0dd643b872e7b9b8973a23884a50bf27fdefcc25b513756d32d4f650bf653bcb3fd74f403c3474d7317122

Score

10^/10

icedid 1892568649 banker suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

- Target
  
  b97222607eb87c6370bf1353d6094b1d.dll
- Size
  
  266KB
- MD5
  
  b97222607eb87c6370bf1353d6094b1d
- SHA1
  
  6d8596e064eb685a82b5a5d9216f8e8df94f7c6c
- SHA256
  
  5cf6c27cd0633dc3de8237f66e85b4c4aaf28dcedbb4918b1c402149f6a75189
- SHA512
  
  2dd19e79e1e91603e110d42ab959d6173fa4c9e35d0dd643b872e7b9b8973a23884a50bf27fdefcc25b513756d32d4f650bf653bcb3fd74f403c3474d7317122
Score

10^/10

icedid 1892568649 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1892568649bankersuricatatrojan

behavioral2

icedid1892568649bankersuricatatrojan