icedid | bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281 | Triage

Sharing

General

Target

bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
Size

552KB
Sample

220215-hsn56acad4
MD5

791779361e8db64ec7fbeb8b82d68ce7
SHA1

8632bff9f308fa57ae5bd1aad56b5ec8ff91f466
SHA256

bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
SHA512

da4b1b98c6d190311cc5df10c91560a2818d8aa1707d9d77a8fe4275d99766ff29f3d39588b200986f3d0e5eb001a72b5b459f1e95e1e34d875ceb531d6079b4

Score

10^/10

icedid 412701809 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

412701809

C2

hdtrenity.com

Targets

- Target
  
  bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
- Size
  
  552KB
- MD5
  
  791779361e8db64ec7fbeb8b82d68ce7
- SHA1
  
  8632bff9f308fa57ae5bd1aad56b5ec8ff91f466
- SHA256
  
  bc6a441a3036c1310886b671943e487d47f2c7d1b4bd125d7b0cf0f3090b8281
- SHA512
  
  da4b1b98c6d190311cc5df10c91560a2818d8aa1707d9d77a8fe4275d99766ff29f3d39588b200986f3d0e5eb001a72b5b459f1e95e1e34d875ceb531d6079b4
Score

10^/10

icedid 412701809 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid412701809bankertrojan

behavioral2

icedid412701809bankertrojan