icedid | 9b8a1a7f43532922e60292a34bd14f91560b0039772ea9c93691ff806d0795a1 | Triage

Sharing

General

Target

34585418e4d323e05731edd1d0dbd4fe.dll
Size

731KB
Sample

220701-w3q96acaf2
MD5

34585418e4d323e05731edd1d0dbd4fe
SHA1

62a16e8326bfcf308a56b77eaccf4da3fbf6822f
SHA256

9b8a1a7f43532922e60292a34bd14f91560b0039772ea9c93691ff806d0795a1
SHA512

f456f6a621bb1716bbc6d3cb8329f70709e6dae71088e4df1b0e6a8e142bcc9e3916b37dccbb9801bddb067b31e5b07d7d9313f2767b06490b5159f068276bb8

Score

10^/10

icedid 3652318967 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3652318967

C2

yankyhoni.com

Targets

- Target
  
  34585418e4d323e05731edd1d0dbd4fe.dll
- Size
  
  731KB
- MD5
  
  34585418e4d323e05731edd1d0dbd4fe
- SHA1
  
  62a16e8326bfcf308a56b77eaccf4da3fbf6822f
- SHA256
  
  9b8a1a7f43532922e60292a34bd14f91560b0039772ea9c93691ff806d0795a1
- SHA512
  
  f456f6a621bb1716bbc6d3cb8329f70709e6dae71088e4df1b0e6a8e142bcc9e3916b37dccbb9801bddb067b31e5b07d7d9313f2767b06490b5159f068276bb8
Score

10^/10

icedid 3652318967 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3652318967bankerloadersuricatatrojan

behavioral2

icedid3652318967bankerloadersuricatatrojan