icedid | 5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328 | Triage

Sharing

General

Target

5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
Size

176KB
Sample

220330-h49agaeagp
MD5

4ff78eaf7d1518b33c44293aa6b05ee2
SHA1

2e2f05f60df3129731178fdc7105dc2ab57a82df
SHA256

5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
SHA512

1da72967323888d307950cb32fd397edc32992bce534daf6e205ace55b892b5a7869d7c0902de41bd7cb3f733bd3b42afb3fc2b11849cbc2461d63cd263eaf05

Score

10^/10

icedid banker loader trojan

Malware Config

Extracted

Family

icedid

C2

aginia.net

aginia.top

aginia.in

aginia.tel

telected.com

telected.xyz

Targets

- Target
  
  5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
- Size
  
  176KB
- MD5
  
  4ff78eaf7d1518b33c44293aa6b05ee2
- SHA1
  
  2e2f05f60df3129731178fdc7105dc2ab57a82df
- SHA256
  
  5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
- SHA512
  
  1da72967323888d307950cb32fd397edc32992bce534daf6e205ace55b892b5a7869d7c0902de41bd7cb3f733bd3b42afb3fc2b11849cbc2461d63cd263eaf05
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan