icedid | ae98813034867301438cbc9326d707a0a1169a21b5a66e22447079325ea58b97 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

TYnvUcnF.dll
Size

452KB
Sample

220919-xxngrahdak
MD5

be51a22cc677228d574e7d7603565d12
SHA1

213d0341cae78a368b124889ac965e40a938278e
SHA256

ae98813034867301438cbc9326d707a0a1169a21b5a66e22447079325ea58b97
SHA512

072da1814e145a3d82ef9886c25dd0f82b5c519477434a58180ae5c861e052c613455f7a167ffe94aceb1b08a4e5820490aafb237e1fb819de0fc0e8e6a9bea2
SSDEEP

6144:IcwOnhu0n/yvHtFxTv80J0TET7FWQ+ItFMu5P1rh/I9I1ezFxsbxBFtfCnYL635z:IkyfS0Gn21epxsvqYL85oS

Score

10^/10

icedid 775636601 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

775636601

C2

aviadronazhed.com

Targets

- Target
  
  TYnvUcnF.dll
- Size
  
  452KB
- MD5
  
  be51a22cc677228d574e7d7603565d12
- SHA1
  
  213d0341cae78a368b124889ac965e40a938278e
- SHA256
  
  ae98813034867301438cbc9326d707a0a1169a21b5a66e22447079325ea58b97
- SHA512
  
  072da1814e145a3d82ef9886c25dd0f82b5c519477434a58180ae5c861e052c613455f7a167ffe94aceb1b08a4e5820490aafb237e1fb819de0fc0e8e6a9bea2
- SSDEEP
  
  6144:IcwOnhu0n/yvHtFxTv80J0TET7FWQ+ItFMu5P1rh/I9I1ezFxsbxBFtfCnYL635z:IkyfS0Gn21epxsvqYL85oS
Score

10^/10

icedid 775636601 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid775636601bankerloadertrojan

behavioral2

icedid775636601bankerloadertrojan