icedid | ce9be120fccc46015a5a5d66195151c6ecf3b2db0e82073935f33bef0a9a3142 | Triage

Sharing

General

Target

3adc2160c304c344f6c1efcba1b759af3cc87b85376535b088adb15562aa0254
Size

366KB
Sample

220218-qy5dbsceg6
MD5

df1069aceef6d4d01c69ff1744ef6fc8
SHA1

359399d5dcee522785855f7a73e3b3d48c9fedff
SHA256

ce9be120fccc46015a5a5d66195151c6ecf3b2db0e82073935f33bef0a9a3142
SHA512

2d3ef26d8e8eb0fcc88197e799e948643f32e0c9738c52d3c017c77ff2fd379b0318a0f757ff93ea0d37bbe6bc8629ab67cc8e450ecec96044cc97609942c1df

Score

10^/10

icedid 3384076982 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

3384076982

C2

keepfootbal.com

Targets

- Target
  
  3adc2160c304c344f6c1efcba1b759af3cc87b85376535b088adb15562aa0254
- Size
  
  560KB
- MD5
  
  3a8c654dac8d89b972ca4e5d2555ba83
- SHA1
  
  a4c638937a14752f95bd056a9c761d85b0c24292
- SHA256
  
  3adc2160c304c344f6c1efcba1b759af3cc87b85376535b088adb15562aa0254
- SHA512
  
  de960ec64cfb1ae2299ee9444055a3d209049837af4e6a47097a0418c9e62f1b5fd06ffd1209c7a99f3a42d7b523959d02369bd714c76e23b02bacbce4698b79
Score

10^/10

icedid 3384076982 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid3384076982bankertrojan

behavioral2

icedid3384076982bankertrojan