icedid | 6813ce030504f0aca9bc8c4c9b6ad93627f2445de1b8969497f965ed1f3f850d | Triage

Sharing

General

Target

6813ce030504f0aca9bc8c4c9b6ad93627f2445de1b8969497f965ed1f3f850d
Size

441KB
Sample

220307-v9ez2aadcp
MD5

d5c447a6bdcde38ec9565d6a3417f448
SHA1

d42cd3db4d31b77e85302b140c931d94c7c5281d
SHA256

6813ce030504f0aca9bc8c4c9b6ad93627f2445de1b8969497f965ed1f3f850d
SHA512

7e3b3acf93bab4e776fcd34baab7fb0072079e1b7f10902ac96bb240e611ce58917c3a1f0840a624cf26b15f52ae8a03a00686f21da6cafc6bcb6f1bf5b0e289

Score

10^/10

icedid 3078948156 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

3078948156

C2

firstdatachannel.art

firstdatachannel.click

Attributes

auth_var
15
url_path
/news/

Targets

- Target
  
  6813ce030504f0aca9bc8c4c9b6ad93627f2445de1b8969497f965ed1f3f850d
- Size
  
  441KB
- MD5
  
  d5c447a6bdcde38ec9565d6a3417f448
- SHA1
  
  d42cd3db4d31b77e85302b140c931d94c7c5281d
- SHA256
  
  6813ce030504f0aca9bc8c4c9b6ad93627f2445de1b8969497f965ed1f3f850d
- SHA512
  
  7e3b3acf93bab4e776fcd34baab7fb0072079e1b7f10902ac96bb240e611ce58917c3a1f0840a624cf26b15f52ae8a03a00686f21da6cafc6bcb6f1bf5b0e289
Score

10^/10

icedid 3078948156 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3078948156bankertrojan

behavioral2

icedid3078948156bankertrojan