icedid | d7c5ffce70c609a16559c88051e3ee292d380b6ee581ba3416b0206ad0b4cdeb | Triage

Sharing

General

Target

fdae004e66cf3dee59380f06e27f286fc5772ce658c9e1765867c07a6fdd131b
Size

384KB
Sample

220215-rxrarahbhq
MD5

37e51960dff36e04fc58f007a2f4c56d
SHA1

067aa5cc24a3aa76ddf5d158d4a33853372d344a
SHA256

d7c5ffce70c609a16559c88051e3ee292d380b6ee581ba3416b0206ad0b4cdeb
SHA512

e298fb8d0fb2f5c34afdbdf5ec6b5e76cef29e309dcd44704bf3d7016ee41736e2b9d5576d025bfb843aa94dc5ccb889930d72bb41f7b94d950037c52fc55ad4

Score

10^/10

icedid 412701809 banker suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

412701809

C2

hdtrenity.com

Targets

- Target
  
  fdae004e66cf3dee59380f06e27f286fc5772ce658c9e1765867c07a6fdd131b
- Size
  
  578KB
- MD5
  
  602d1f74d126ae0487f8980995d7a5b1
- SHA1
  
  54c6c967c5ba6ff12a56c8298daaf84b663d409d
- SHA256
  
  fdae004e66cf3dee59380f06e27f286fc5772ce658c9e1765867c07a6fdd131b
- SHA512
  
  aad47da85168facef8b3ee19e795497c9db9914d57db79dd5462883677613c4d41c9697ce9f687dd8e2bdfe64b162a7387fbbd5fe721fb0cc4dcd08ed26fada5
Score

10^/10

icedid 412701809 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid412701809bankersuricatatrojan

behavioral2

icedid412701809bankersuricatatrojan