icedid | fc6e926180ddfcec6d89dba7ebbaa7823664d51d0d6c51c1b1decf81b8aca610 | Triage

Sharing

General

Target

d2ef5.exe
Size

273KB
Sample

220429-txf6wsgdgk
MD5

111680a7201dadbcea03066daf948d5c
SHA1

ab21a748037068de8dbdbe98873d5c511a907b51
SHA256

fc6e926180ddfcec6d89dba7ebbaa7823664d51d0d6c51c1b1decf81b8aca610
SHA512

f19eec4e1655abe0afd371e06ef75049a0606ea6866ca82986d76a0cd3154db595d23193143b1f8b1896c24c4dd721c3b6b86fb595147c34709a03618bb2fa04

Score

10^/10

icedid 766074942 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

766074942

C2

rshysytover.com

Targets

- Target
  
  d2ef5.exe
- Size
  
  273KB
- MD5
  
  111680a7201dadbcea03066daf948d5c
- SHA1
  
  ab21a748037068de8dbdbe98873d5c511a907b51
- SHA256
  
  fc6e926180ddfcec6d89dba7ebbaa7823664d51d0d6c51c1b1decf81b8aca610
- SHA512
  
  f19eec4e1655abe0afd371e06ef75049a0606ea6866ca82986d76a0cd3154db595d23193143b1f8b1896c24c4dd721c3b6b86fb595147c34709a03618bb2fa04
Score

10^/10

icedid 766074942 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid766074942bankerloadersuricatatrojan

behavioral2

icedid766074942bankerloadersuricatatrojan