icedid | dd6478b230393007b0382ed3cd17c19d4bb2a9ab1fad6a051503768bceb1c240 | Triage

Sharing

General

Target

247eb6aeb8411cd02baa258a26a4d1e4.dll
Size

424KB
Sample

220704-xn7t2acgf6
MD5

247eb6aeb8411cd02baa258a26a4d1e4
SHA1

b700269967b71e08bc865ec53d2d11d363d4f4f6
SHA256

dd6478b230393007b0382ed3cd17c19d4bb2a9ab1fad6a051503768bceb1c240
SHA512

45e9fa3b62bc9b311071b7b875d7fb26ca32437fd3d9ae96de363640be6f8926ac836ccf919218e6e05030b3f33c0cd9711b5d29a65326b217f8ed9cd71e8cb8

Score

10^/10

icedid 3635541348 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

3635541348

C2

piponareatna.com

Targets

- Target
  
  247eb6aeb8411cd02baa258a26a4d1e4.dll
- Size
  
  424KB
- MD5
  
  247eb6aeb8411cd02baa258a26a4d1e4
- SHA1
  
  b700269967b71e08bc865ec53d2d11d363d4f4f6
- SHA256
  
  dd6478b230393007b0382ed3cd17c19d4bb2a9ab1fad6a051503768bceb1c240
- SHA512
  
  45e9fa3b62bc9b311071b7b875d7fb26ca32437fd3d9ae96de363640be6f8926ac836ccf919218e6e05030b3f33c0cd9711b5d29a65326b217f8ed9cd71e8cb8
Score

10^/10

icedid 3635541348 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3635541348bankerloadersuricatatrojan

behavioral2

icedid3635541348bankerloadersuricatatrojan