icedid | bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281 | Triage

Sharing

General

Target

bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
Size

552KB
Sample

220215-hsn56acad4
MD5

791779361e8db64ec7fbeb8b82d68ce7
SHA1

8632bff9f308fa57ae5bd1aad56b5ec8ff91f466
SHA256

bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
SHA512

da4b1b98c6d190311cc5df10c91560a2818d8aa1707d9d77a8fe4275d99766ff29f3d39588b200986f3d0e5eb001a72b5b459f1e95e1e34d875ceb531d6079b4

Score

10^/10

icedid 412701809 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

412701809

C2

hdtrenity.com

Targets

- Target
  
  bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
- Size
  
  552KB
- MD5
  
  791779361e8db64ec7fbeb8b82d68ce7
- SHA1
  
  8632bff9f308fa57ae5bd1aad56b5ec8ff91f466
- SHA256
  
  bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
- SHA512
  
  da4b1b98c6d190311cc5df10c91560a2818d8aa1707d9d77a8fe4275d99766ff29f3d39588b200986f3d0e5eb001a72b5b459f1e95e1e34d875ceb531d6079b4
Score

10^/10

icedid 412701809 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid412701809bankertrojan

behavioral2

icedid412701809bankertrojan