icedid | afb8d6a8633c4b66cca83a61f197c0a11c96db71601f7c0dbcd99939da5fb1bb | Triage

Sharing

General

Target

114e8047febef0d5c677c54b86c69335.dll
Size

601KB
Sample

220614-x8x6bshffj
MD5

114e8047febef0d5c677c54b86c69335
SHA1

40183e208d011482d26a28e55b85594826ba7374
SHA256

afb8d6a8633c4b66cca83a61f197c0a11c96db71601f7c0dbcd99939da5fb1bb
SHA512

b7570df26fc63da575a00987123f78eaee5999c50e6fc9b5c1891a753c96ac7237d54945f4577797dee8a4821dbf21d447a5756cd1839e2aa5fc1cb2bad60701

Score

10^/10

icedid 3139257902 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3139257902

C2

blandafearz.com

Targets

- Target
  
  114e8047febef0d5c677c54b86c69335.dll
- Size
  
  601KB
- MD5
  
  114e8047febef0d5c677c54b86c69335
- SHA1
  
  40183e208d011482d26a28e55b85594826ba7374
- SHA256
  
  afb8d6a8633c4b66cca83a61f197c0a11c96db71601f7c0dbcd99939da5fb1bb
- SHA512
  
  b7570df26fc63da575a00987123f78eaee5999c50e6fc9b5c1891a753c96ac7237d54945f4577797dee8a4821dbf21d447a5756cd1839e2aa5fc1cb2bad60701
Score

10^/10

icedid 3139257902 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3139257902bankerloadersuricatatrojan

behavioral2

icedid3139257902bankerloadersuricatatrojan