icedid | 600a21358e2cc2d5d50b014c4a4df03435b136bec0ee7903eb88d4368fe37647 | Triage

Sharing

General

Target

600A21358E2CC2D5D50B014C4A4DF03435B136BEC0EE7.exe
Size

455KB
Sample

220625-sylbkacfbq
MD5

15909876d5b6303d1d13a2553a57a789
SHA1

6f23da32a732804f3cdc31d44a459dab27ebdfa9
SHA256

600a21358e2cc2d5d50b014c4a4df03435b136bec0ee7903eb88d4368fe37647
SHA512

37b0aa06453582859b882c598e5c637ce988ee9e91f90941dbcef1cedec1328e313d4a935c6dfa5fd21e568f69119412a25ba6f801508dbf70cefae86d4d81c3

Score

10^/10

icedid 117589798 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

117589798

C2

panyinth.top

Targets

- Target
  
  600A21358E2CC2D5D50B014C4A4DF03435B136BEC0EE7.exe
- Size
  
  455KB
- MD5
  
  15909876d5b6303d1d13a2553a57a789
- SHA1
  
  6f23da32a732804f3cdc31d44a459dab27ebdfa9
- SHA256
  
  600a21358e2cc2d5d50b014c4a4df03435b136bec0ee7903eb88d4368fe37647
- SHA512
  
  37b0aa06453582859b882c598e5c637ce988ee9e91f90941dbcef1cedec1328e313d4a935c6dfa5fd21e568f69119412a25ba6f801508dbf70cefae86d4d81c3
Score

10^/10

icedid 117589798 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid117589798bankerloadersuricatatrojan

behavioral2

icedid117589798bankerloadersuricatatrojan