icedid | 62109cd7f5bf3084c996968db5de682e1d4a9c3733160447bc540f628e7a4cdb | Triage

Resubmissions

22-02-2022 16:12

220222-tnypksahd6 10

24-12-2021 02:56

211224-de79nacbe7 10

Sharing

General

Target

file
Size

504KB
Sample

211224-de79nacbe7
MD5

ba7e3ba65c2855a6c3e46c4c988a5a43
SHA1

3db383933c828443d4173fc1acf967d727d1a396
SHA256

62109cd7f5bf3084c996968db5de682e1d4a9c3733160447bc540f628e7a4cdb
SHA512

f970ea463a4562603a1c67bcf9386254e6f5f3845e8f4f532d7c6a1a603dd3e8ff7db8a380dbeff60852da0895bcd820ff2036dbd1556415ecba2a2a9c3479f1

Score

10^/10

icedid banker trojan

Malware Config

Extracted

Family

icedid

rsa_pubkey.plain

Targets

- Target
  
  bless-.dat
- Size
  
  330KB
- MD5
  
  dd2b6d7007ee249c0679b52d306dc421
- SHA1
  
  13f44e5f9c05a4c8b2b7655722ab36619642c858
- SHA256
  
  c8cd2a2b0767b5220f9fbc6ae9b99ba97a9ebaae252146e6c9b395180fc7dc4c
- SHA512
  
  c6003888ab5d03a6b47b5340c845d935c5a0d90e8b67d56fa2c8fdcd039089f382a0221cc6ab09e5f83742d32ed3032317469f52ac99cb105aa884cea8c082cc
Score

1^/10
behavioral1 behavioral2
- Target
  
  core.bat
- Size
  
  180B
- MD5
  
  530cc5b8dc0b57fec8bcb7ed6675d18d
- SHA1
  
  25bdb516f4480a2aad04e7f9c486be09e4040b2e
- SHA256
  
  f054d2174a93ae6121603c15a954c45e52a0d88536e0a11b5d98b7bbfa52d7b5
- SHA512
  
  2b5717fa4dc5247b1b94a96ede0d698679b379c0129c02d97da44a7833f1086feabf98e39c1613e40241f9c72f04fb0a48821061e9bb2d34b3ec847f33eafb4b
Score

10^/10

icedid banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

icedidbankertrojan

behavioral4

icedidbankertrojan