icedid | e5591e357359405cef1b8d22901b5e844c0dc480a7d4b15324f21a2a17723aab | Triage

Sharing

General

Target

Extracted-Hex.bin
Size

243KB
Sample

220915-wl38dsdgb4
MD5

766fb7ca50d63897e7bb3a5c9659e2fd
SHA1

c2139527666683e4371f3ed79beeaae7d98dcca2
SHA256

e5591e357359405cef1b8d22901b5e844c0dc480a7d4b15324f21a2a17723aab
SHA512

9d6dd458d2c3a59a713e31c1feb3cebb1125ed3f9f7e6f33f50a688383bf02af40f6885d6e64b51b596d1585d8fa27f84cf19dec44bd5941b403a492609dcde3
SSDEEP

3072:VgyPm+PU16y0a724xuIKhloD+T2GhQOiEhzCOQJzkQhUzI3d2WhmEN:VZO+K6yhIyMvhG2QyK

Score

10^/10

icedid 809191839 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

809191839

C2

allozelkot.com

Targets

- Target
  
  Extracted-Hex.bin
- Size
  
  243KB
- MD5
  
  766fb7ca50d63897e7bb3a5c9659e2fd
- SHA1
  
  c2139527666683e4371f3ed79beeaae7d98dcca2
- SHA256
  
  e5591e357359405cef1b8d22901b5e844c0dc480a7d4b15324f21a2a17723aab
- SHA512
  
  9d6dd458d2c3a59a713e31c1feb3cebb1125ed3f9f7e6f33f50a688383bf02af40f6885d6e64b51b596d1585d8fa27f84cf19dec44bd5941b403a492609dcde3
- SSDEEP
  
  3072:VgyPm+PU16y0a724xuIKhloD+T2GhQOiEhzCOQJzkQhUzI3d2WhmEN:VZO+K6yhIyMvhG2QyK
Score

10^/10

icedid 809191839 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid809191839bankerloadertrojan

behavioral2

icedid809191839bankerloadertrojan