icedid | a54a6bfba5d631f6ff4d5f3994c987956a91c74f9b4082704a1056924fca26d7 | Triage

Sharing

General

Target

a54a6bfba5d631f6ff4d5f3994c987956a91c74f9b4082704a1056924fca26d7.dll
Size

13KB
Sample

220630-yahtesbhc5
MD5

ec1eae0a42f0580e0487e2da9426467b
SHA1

6b1868f8e7bdce59b0a01f19a83502b824fbd650
SHA256

a54a6bfba5d631f6ff4d5f3994c987956a91c74f9b4082704a1056924fca26d7
SHA512

98329c6cc6ebd45b2be056882b557f3dca3b8bb5451d5a9e7a80be41b49882970f96b2d1179b8d0512ebe1e6ad26c213255508f9a4b6d1723edbe1155cc7b72e

Score

10^/10

icedid 1842176049 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

1842176049

C2

carismortht.com

Extracted

Family

icedid

Campaign

1842176049

Targets

- Target
  
  a54a6bfba5d631f6ff4d5f3994c987956a91c74f9b4082704a1056924fca26d7.dll
- Size
  
  13KB
- MD5
  
  ec1eae0a42f0580e0487e2da9426467b
- SHA1
  
  6b1868f8e7bdce59b0a01f19a83502b824fbd650
- SHA256
  
  a54a6bfba5d631f6ff4d5f3994c987956a91c74f9b4082704a1056924fca26d7
- SHA512
  
  98329c6cc6ebd45b2be056882b557f3dca3b8bb5451d5a9e7a80be41b49882970f96b2d1179b8d0512ebe1e6ad26c213255508f9a4b6d1723edbe1155cc7b72e
Score

10^/10

icedid 1842176049 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

loader1842176049icedid

behavioral1

icedid1842176049bankersuricatatrojan

behavioral2

icedid1842176049bankersuricatatrojan