General

Target: 2.exe
Size: 177KB
Sample: 211209-wj1dqaeedq
Score: 10/10
MD5: 20478d2d2b86e6c8c9da84af39fd652b
SHA1: f9c926efee370218d0d82dd75e703f46355e6018
SHA256: 33fd2f2b2053150f21129807c381d38874c7622d207a8d036782db82cc61455b
SHA512: a348e4d5245b6aff3242f02f66415874a6380fa26740ed18ff2e995a87a386acc2e93182066abc3d6e7dc253909ed79099db70209ca38f779adb7fe67c78b613

Malware Config

Extracted

Family: icedid
Campaign: 862604275
C2: nchestothe.ink

Signatures

  • IcedID, BokBot
    Description: IcedID is a banking trojan capable of stealing credentials.

  • suricata: ET MALWARE Win32/IcedID Request Cookie

Tasks

  • static1: Score N/A
  • behavioral1: Score 10/10
  • behavioral2: Score 10/10