icedid | 219d1bd045d7c3328184aba4842cc0d36acae7e835564d84ee2d8ffea94e4317 | Triage

Sharing

General

Target

768327532892733679.dll
Size

424KB
Sample

220630-1aqv5sbchq
MD5

92b73d78e901480734e937cc5a6c0c9d
SHA1

bc4c1a27ae6655bab4749a5fb4d5e6908ae1b563
SHA256

219d1bd045d7c3328184aba4842cc0d36acae7e835564d84ee2d8ffea94e4317
SHA512

85b9999a86f302b6ecf4519c1873eb20095a3700dd1d50f202cb3eae790cbeb21a36c770ae32768c9fa256168164b6b2e704a316cbcd199e31262aa2093c2bc6

Score

10^/10

icedid 1825398430 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

1825398430

C2

ciaontroni.com

Targets

- Target
  
  768327532892733679.dll
- Size
  
  424KB
- MD5
  
  92b73d78e901480734e937cc5a6c0c9d
- SHA1
  
  bc4c1a27ae6655bab4749a5fb4d5e6908ae1b563
- SHA256
  
  219d1bd045d7c3328184aba4842cc0d36acae7e835564d84ee2d8ffea94e4317
- SHA512
  
  85b9999a86f302b6ecf4519c1873eb20095a3700dd1d50f202cb3eae790cbeb21a36c770ae32768c9fa256168164b6b2e704a316cbcd199e31262aa2093c2bc6
Score

10^/10

icedid 1825398430 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1825398430bankerloadersuricatatrojan

behavioral2

icedid1825398430bankerloadertrojan