icedid | 7a6c42343b3d422c9f6f5c72763645b8f1b4931c609c320e60816aee55e4ae8a | Triage

Sharing

General

Target

7a6c42343b3d422c9f6f5c72763645b8f1b4931c609c320e60816aee55e4ae8a
Size

1.1MB
Sample

220411-qdr79sade4
MD5

6dc83f59165bb7ef47fa4028cf3f6654
SHA1

0629137b72eeb02e7cc74043bda5874696bba386
SHA256

7a6c42343b3d422c9f6f5c72763645b8f1b4931c609c320e60816aee55e4ae8a
SHA512

40a897766f42395a2bfe7be6f4d282f38ef67b94183f9625b6241d811a17b13a1349cef7a28972138ac28bc103d3cb956316eb820462ad6710b038f0f6b1701a

Score

10^/10

icedid 468039940 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

468039940

C2

arelyevennot.top

Targets

- Target
  
  7a6c42343b3d422c9f6f5c72763645b8f1b4931c609c320e60816aee55e4ae8a
- Size
  
  1.1MB
- MD5
  
  6dc83f59165bb7ef47fa4028cf3f6654
- SHA1
  
  0629137b72eeb02e7cc74043bda5874696bba386
- SHA256
  
  7a6c42343b3d422c9f6f5c72763645b8f1b4931c609c320e60816aee55e4ae8a
- SHA512
  
  40a897766f42395a2bfe7be6f4d282f38ef67b94183f9625b6241d811a17b13a1349cef7a28972138ac28bc103d3cb956316eb820462ad6710b038f0f6b1701a
Score

10^/10

icedid 468039940 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid468039940bankerloadertrojan

behavioral2

icedid468039940bankerloadertrojan