icedid | 0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7 | Triage

Sharing

General

Target

0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7.exe
Size

702KB
Sample

220523-zbn79saegq
MD5

9b692f43d575acb739decfc809db7f2e
SHA1

bc42c60590cb908e765e2d97e8b3a92b4616cd30
SHA256

0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7
SHA512

f99f546940bd96c6e9cac6a8500f25280ed190b9830247a5c7249d30a40fd1b4e3c94ca0455e337e77682a7a2b14a259b0aa4cf9680e9ccf727f71ae69873473

Score

10^/10

icedid 109932505 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

109932505

C2

ilekvoyn.com

Targets

- Target
  
  0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7.exe
- Size
  
  702KB
- MD5
  
  9b692f43d575acb739decfc809db7f2e
- SHA1
  
  bc42c60590cb908e765e2d97e8b3a92b4616cd30
- SHA256
  
  0581f0bf260a11a5662d58b99a82ec756c9365613833bce8f102ec1235a7d4f7
- SHA512
  
  f99f546940bd96c6e9cac6a8500f25280ed190b9830247a5c7249d30a40fd1b4e3c94ca0455e337e77682a7a2b14a259b0aa4cf9680e9ccf727f71ae69873473
Score

10^/10

icedid 109932505 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid109932505bankerloadersuricatatrojan

behavioral2

icedid109932505bankerloadersuricatatrojan