icedid | a9fc2b58e0e714a5135bff2d7c5c3a1d46359363696bdfa3feaabeb6f6bdc3af | Triage

Sharing

General

Target

goot.exe
Size

147KB
Sample

220531-eymmqseaf8
MD5

157d12885e5f6434436862aadd6224cd
SHA1

e2f7ef1f9f1c2ca05b0c14520aa6259722141ca3
SHA256

a9fc2b58e0e714a5135bff2d7c5c3a1d46359363696bdfa3feaabeb6f6bdc3af
SHA512

eead6c46c3fc50787e9d9c72777705667882db116464a55d1b171892cc8a39177b7ffe668b83405048066fb53921990de7245365c093023abd9d8f14ed8c7b16

Score

10^/10

icedid 277708695 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

277708695

C2

ilekvoyn.com

Targets

- Target
  
  goot.exe
- Size
  
  147KB
- MD5
  
  157d12885e5f6434436862aadd6224cd
- SHA1
  
  e2f7ef1f9f1c2ca05b0c14520aa6259722141ca3
- SHA256
  
  a9fc2b58e0e714a5135bff2d7c5c3a1d46359363696bdfa3feaabeb6f6bdc3af
- SHA512
  
  eead6c46c3fc50787e9d9c72777705667882db116464a55d1b171892cc8a39177b7ffe668b83405048066fb53921990de7245365c093023abd9d8f14ed8c7b16
Score

10^/10

icedid 277708695 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid277708695bankerloadersuricatatrojan

behavioral2

icedid277708695bankerloadersuricatatrojan