icedid | efc3cab100ac7e863a49bdd839e82c6cc1e4f83a2676a83df5f49361f62ae9a6 | Triage

Sharing

General

Target

e6.exe
Size

147KB
Sample

220525-prrcfsecgl
MD5

e674924eee4809915712461ebfb18080
SHA1

e737eeb10b729024099aac26ca879ffd19069c6c
SHA256

efc3cab100ac7e863a49bdd839e82c6cc1e4f83a2676a83df5f49361f62ae9a6
SHA512

cb623ee862aaf21498b47c5bec42b3f4e8e17f76c6ac021c313a1032f92e60b6aa0951693c03bcb93caef5df8b3e18ce54d04da9e929995dadae1c22e3b35efd

Score

10^/10

icedid 260931076 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

260931076

C2

ilekvoyn.com

Targets

- Target
  
  e6.exe
- Size
  
  147KB
- MD5
  
  e674924eee4809915712461ebfb18080
- SHA1
  
  e737eeb10b729024099aac26ca879ffd19069c6c
- SHA256
  
  efc3cab100ac7e863a49bdd839e82c6cc1e4f83a2676a83df5f49361f62ae9a6
- SHA512
  
  cb623ee862aaf21498b47c5bec42b3f4e8e17f76c6ac021c313a1032f92e60b6aa0951693c03bcb93caef5df8b3e18ce54d04da9e929995dadae1c22e3b35efd
Score

10^/10

icedid 260931076 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid260931076bankerloadersuricatatrojan

behavioral2

icedid260931076bankerloadersuricatatrojan