icedid | 63770070208c532df8a7d41a391faff7c5280814bebd13b0b935f0fa80fc8e27 | Triage

Sharing

General

Target

3cbc08dc4f11379f6e080a7b6dad3e2f7c53202e08f461100f4ce4f5b869811a_unpacked
Size

13KB
Sample

220511-gh1krsfgh8
MD5

f425f1defd562e22a3a62fb5bc141cb1
SHA1

d7bfce77cad7d605e35538c2501a522015e3e3c2
SHA256

63770070208c532df8a7d41a391faff7c5280814bebd13b0b935f0fa80fc8e27
SHA512

693385bea3207cb2d3eaca0b57c46f70e9ded1b9abc1dc490cee0ca63921abcb37ae95f9b2023e00acbc754cbff781632dccba0629efd8141642e6818d3d354a

Score

10^/10

icedid 3000901376 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3000901376

C2

yolneanz.com

Extracted

Family

icedid

Campaign

3000901376

Targets

- Target
  
  3cbc08dc4f11379f6e080a7b6dad3e2f7c53202e08f461100f4ce4f5b869811a_unpacked
- Size
  
  13KB
- MD5
  
  f425f1defd562e22a3a62fb5bc141cb1
- SHA1
  
  d7bfce77cad7d605e35538c2501a522015e3e3c2
- SHA256
  
  63770070208c532df8a7d41a391faff7c5280814bebd13b0b935f0fa80fc8e27
- SHA512
  
  693385bea3207cb2d3eaca0b57c46f70e9ded1b9abc1dc490cee0ca63921abcb37ae95f9b2023e00acbc754cbff781632dccba0629efd8141642e6818d3d354a
Score

10^/10

icedid 3000901376 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

loader3000901376icedid

behavioral1

icedid3000901376bankersuricatatrojan

behavioral2

icedid3000901376bankersuricatatrojan