icedid | 6751d66b22cf8065ffeb791490f89588abfbdb54d1cb005ba33000d9b8158d0c | Triage

Sharing

General

Target

June-06028_151-Report.zip
Size

254KB
Sample

220628-vdrc7aahgm
MD5

d48703f574f4626179c98fe712d2222a
SHA1

43b743657a2865de10af720987a6c0ee8c3706ed
SHA256

6751d66b22cf8065ffeb791490f89588abfbdb54d1cb005ba33000d9b8158d0c
SHA512

1fdc57270b9a7b103d9b0803cf87a197afe85f573b77f879890d6bc0e886fe04539131369b45552d51829ce1943147d2cc06bc916a74c3467f08884e08c83bd6

Score

10^/10

icedid 3568430872 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3568430872

C2

alionavon.com

Targets

- Target
  
  loader.bat
- Size
  
  44B
- MD5
  
  c3b9d4db526699b5712cd68f381f7fc1
- SHA1
  
  186c032f01b361e6d0faa509e21b2bd8576e4bcb
- SHA256
  
  e8ad79db4480f652904f07566371acda37ba68e0f41c3a725d61b6dd57648f22
- SHA512
  
  070e6c818d943d360f098d82fb6e5c342713a62700a4fd11147ca4f2fa65b5dfde0cae72e87e3f1a8ba9c2c84ae57d0075624f51a42435af88c4a18115baee2b
Score

10^/10

icedid 3568430872 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2
- Target
  
  r7kom.dll
- Size
  
  451KB
- MD5
  
  00c6652355b332b46339da2354482046
- SHA1
  
  a2521c32758afad2260f42944570ad06cdcaf9ff
- SHA256
  
  07050dd79a5274bbc864510beaf1a17b3fc71b08d4fcab12b0644497a514de91
- SHA512
  
  92299af72675d791d534195bd188b9880b6fce324b87f5399f8fcd90c316511a835943169fa0a0b9d0a9bac7b31fad0a184d90a94a6597b2c955bfddc69834c6
Score

10^/10

icedid 3568430872 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3568430872bankerloadersuricatatrojan

behavioral2

icedid3568430872bankerloadersuricatatrojan

behavioral3

icedid3568430872bankerloadersuricatatrojan

behavioral4

icedid3568430872bankerloadersuricatatrojan