icedid | 4d056463e6696581728c5011c7f6ea876592f7543794c6de609dcd8e73dce570 | Triage

Sharing

General

Target

4d056463e6696581728c5011c7f6ea876592f7543794c6de609dcd8e73dce570
Size

610KB
Sample

220207-yqzrwagddl
MD5

c665e25d11496d077fb80e860497b5a0
SHA1

b377551f8eb510b0cf52c972b0f1bc2c960f6f06
SHA256

4d056463e6696581728c5011c7f6ea876592f7543794c6de609dcd8e73dce570
SHA512

d86aee999e0f2288e7d4e7d306d65441c48bca4253d2bcaeafadf9e58775f6f0905b679b7d752ed838f267ebf3a584e1657cc52a1f6ca312cc57c916365bc963

Score

10^/10

icedid 1732687004 banker suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

1732687004

C2

keepfootbal.com

Targets

- Target
  
  4d056463e6696581728c5011c7f6ea876592f7543794c6de609dcd8e73dce570
- Size
  
  610KB
- MD5
  
  c665e25d11496d077fb80e860497b5a0
- SHA1
  
  b377551f8eb510b0cf52c972b0f1bc2c960f6f06
- SHA256
  
  4d056463e6696581728c5011c7f6ea876592f7543794c6de609dcd8e73dce570
- SHA512
  
  d86aee999e0f2288e7d4e7d306d65441c48bca4253d2bcaeafadf9e58775f6f0905b679b7d752ed838f267ebf3a584e1657cc52a1f6ca312cc57c916365bc963
Score

10^/10

icedid 1732687004 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid1732687004bankersuricatatrojan

behavioral2

icedid1732687004bankersuricatatrojan