icedid | 5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328 | Triage

Sharing

General

Target

5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
Size

176KB
Sample

220330-h49agaeagp
MD5

4ff78eaf7d1518b33c44293aa6b05ee2
SHA1

2e2f05f60df3129731178fdc7105dc2ab57a82df
SHA256

5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
SHA512

1da72967323888d307950cb32fd397edc32992bce534daf6e205ace55b892b5a7869d7c0902de41bd7cb3f733bd3b42afb3fc2b11849cbc2461d63cd263eaf05

Score

10^/10

icedid banker loader trojan

Malware Config

Extracted

Family

icedid

C2

aginia.net

aginia.top

aginia.in

aginia.tel

telected.com

telected.xyz

Targets

- Target
  
  5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
- Size
  
  176KB
- MD5
  
  4ff78eaf7d1518b33c44293aa6b05ee2
- SHA1
  
  2e2f05f60df3129731178fdc7105dc2ab57a82df
- SHA256
  
  5712bab4ae4d586cf9375689719afe2c0108e7bd049a262a57e0383ebcadf328
- SHA512
  
  1da72967323888d307950cb32fd397edc32992bce534daf6e205ace55b892b5a7869d7c0902de41bd7cb3f733bd3b42afb3fc2b11849cbc2461d63cd263eaf05
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan