icedid | 632f92e0ce6fd4ffd7efc36d38f649d98a6e132f43b0f697601ae4c07c3c9480 | Triage

Sharing

General

Target

632f92e0ce6fd4ffd7efc36d38f649d98a6e132f43b0f697601ae4c07c3c9480.dll
Size

13KB
Sample

220706-3yt9ksaefq
MD5

3edd8e5fb3a051fa54d9ab789dcf53e6
SHA1

9ea9d33148b7fcd7fae5132ccb114d636b0b9d45
SHA256

632f92e0ce6fd4ffd7efc36d38f649d98a6e132f43b0f697601ae4c07c3c9480
SHA512

1562bcac0f17287cda0728f3100ca57acb93b28c854a7a33b48ff0f1ab667c951c8504c6fa3993e6c50487d2b17d90558793cf7066e7140bad4331667dcea71d

Score

10^/10

icedid 4105767744 banker loader suricata trojan

Malware Config

Extracted

Family

icedid

Campaign

4105767744

C2

frodupshopping.com

Extracted

Family

icedid

Campaign

4105767744

Targets

- Target
  
  632f92e0ce6fd4ffd7efc36d38f649d98a6e132f43b0f697601ae4c07c3c9480.dll
- Size
  
  13KB
- MD5
  
  3edd8e5fb3a051fa54d9ab789dcf53e6
- SHA1
  
  9ea9d33148b7fcd7fae5132ccb114d636b0b9d45
- SHA256
  
  632f92e0ce6fd4ffd7efc36d38f649d98a6e132f43b0f697601ae4c07c3c9480
- SHA512
  
  1562bcac0f17287cda0728f3100ca57acb93b28c854a7a33b48ff0f1ab667c951c8504c6fa3993e6c50487d2b17d90558793cf7066e7140bad4331667dcea71d
Score

10^/10

icedid 4105767744 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

loader4105767744icedid

behavioral1

icedid4105767744bankersuricatatrojan

behavioral2

icedid4105767744bankersuricatatrojan