icedid | a98112f55dfd1fe971be934510d681e30fad6bc0edd9b4ba5c888f0080a5ed68 | Triage

Submit
Reports

Overview

overview

Static

static

tmp.exe

windows7_x64

tmp.exe

windows10-2004_x64

Sharing

General

Target

tmp
Size

699KB
Sample

220223-1wed8sbde2
MD5

4b71805d51193b0dbe39321475ba41ed
SHA1

2c69d33ee6cad5557f088f205f7c031b5d7d003c
SHA256

a98112f55dfd1fe971be934510d681e30fad6bc0edd9b4ba5c888f0080a5ed68
SHA512

9f882d0a3117c9b530bdcea67b36601a26024cfa0d505cfa0e06c4a2b675751ad453f220329b1cc8171fedfb576d73d58d8e13e726af08344307a257d078c608

Score

10^/10

icedid 2715004312 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

tmp.exe

Resource

win7-en-20211208

icedid 2715004312 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

tmp.exe

Resource

win10v2004-en-20220113

icedid 2715004312 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

2715004312

C2

badgoodreason.com

Targets

- Target
  
  tmp
- Size
  
  699KB
- MD5
  
  4b71805d51193b0dbe39321475ba41ed
- SHA1
  
  2c69d33ee6cad5557f088f205f7c031b5d7d003c
- SHA256
  
  a98112f55dfd1fe971be934510d681e30fad6bc0edd9b4ba5c888f0080a5ed68
- SHA512
  
  9f882d0a3117c9b530bdcea67b36601a26024cfa0d505cfa0e06c4a2b675751ad453f220329b1cc8171fedfb576d73d58d8e13e726af08344307a257d078c608
Score

10^/10

icedid 2715004312 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid2715004312bankerloadertrojan

behavioral2

icedid2715004312bankerloadertrojan

© 2018-2024

Terms | Privacy