icedid | d9ebead799968c3236411efd6c3d95cbe4bf9040f411872db5aab421cc0db9b0 | Triage

Sharing

General

Target

d9ebead799968c3236411efd6c3d95cbe4bf9040f411872db5aab421cc0db9b0
Size

253KB
Sample

220203-r68amaagcq
MD5

b90ab6cc2b24c85dbdc6d000d67253d8
SHA1

b51f2706213591f50bfecc994244c2fb668bb76e
SHA256

d9ebead799968c3236411efd6c3d95cbe4bf9040f411872db5aab421cc0db9b0
SHA512

e98c133f687adde9d2b6a133fc1bf0a90fff8241e9572410d16dc986deac61522a74f2dc0bd7046a8aa6d029aa2fcb4002f29b8cf65cda0df16d8f79554fa306

Score

10^/10

icedid 3840329038 banker suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3840329038

C2

hdtrenity.com

Targets

- Target
  
  d9ebead799968c3236411efd6c3d95cbe4bf9040f411872db5aab421cc0db9b0
- Size
  
  253KB
- MD5
  
  b90ab6cc2b24c85dbdc6d000d67253d8
- SHA1
  
  b51f2706213591f50bfecc994244c2fb668bb76e
- SHA256
  
  d9ebead799968c3236411efd6c3d95cbe4bf9040f411872db5aab421cc0db9b0
- SHA512
  
  e98c133f687adde9d2b6a133fc1bf0a90fff8241e9572410d16dc986deac61522a74f2dc0bd7046a8aa6d029aa2fcb4002f29b8cf65cda0df16d8f79554fa306
Score

10^/10

icedid 3840329038 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3840329038bankersuricatatrojan

behavioral2