icedid | 3383ea6e7b13b0b717a5851b1bd15d8ca7615802c38ba0c96fcf7316da300972 | Triage

Resubmissions

31-08-2022 12:04

220831-n8wg3afea9 10

31-08-2022 12:02

220831-n7ywssfdh8 1

Sharing

General

Target

sterli0p.dll
Size

380KB
Sample

220831-n8wg3afea9
MD5

a911ac10ccd9b7b60bc516fd03e54ff6
SHA1

e52c98047e2846b5efcf12660404a04eba502ec3
SHA256

3383ea6e7b13b0b717a5851b1bd15d8ca7615802c38ba0c96fcf7316da300972
SHA512

db302c7883a744f020297a80bfc55cc9bd937d9e40caf38e5a27abe36596f325b603dcea7eca524dba604008303d29060eca92207e99b8a650d837fb5959fda4
SSDEEP

6144:bCjVQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuu8k:ujVQMt24rn2rcI9mk8nKHD24rn2tnHfB

Score

10^/10

icedid 2260774107 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2260774107

C2

godenfasternow.com

Targets

- Target
  
  sterli0p.dll
- Size
  
  380KB
- MD5
  
  a911ac10ccd9b7b60bc516fd03e54ff6
- SHA1
  
  e52c98047e2846b5efcf12660404a04eba502ec3
- SHA256
  
  3383ea6e7b13b0b717a5851b1bd15d8ca7615802c38ba0c96fcf7316da300972
- SHA512
  
  db302c7883a744f020297a80bfc55cc9bd937d9e40caf38e5a27abe36596f325b603dcea7eca524dba604008303d29060eca92207e99b8a650d837fb5959fda4
- SSDEEP
  
  6144:bCjVQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuu8k:ujVQMt24rn2rcI9mk8nKHD24rn2tnHfB
Score

10^/10

icedid 2260774107 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2260774107bankerloadertrojan