icedid | 6f5873af4eef364bd826f17d5c872f37b14737481672746b21c1b99482e5e02b | Triage

Sharing

General

Target

unnotified.db
Size

317KB
Sample

220923-nzzhcsaafq
MD5

4bb427783561c267c4100a4333ae45d1
SHA1

b53b87a8cb278ddecfba9950aa2911d618e40582
SHA256

6f5873af4eef364bd826f17d5c872f37b14737481672746b21c1b99482e5e02b
SHA512

5cf46393c075bcd5e0d5d57ae8559e1299137a684d1437d8a48a455f7e9a97a2d5a1cebe23df68f28c93ad950b472217977d79d6fe3155f67862e5a5a12f67b5
SSDEEP

6144:twA2m2kP7+sOjcroyI0xwlh8boidmQp1tRdnjU8b8:tD2/kP7yj1kuvcU8o

Score

10^/10

icedid 1023645195 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1023645195

C2

trallfasterinf.com

Targets

- Target
  
  unnotified.db
- Size
  
  317KB
- MD5
  
  4bb427783561c267c4100a4333ae45d1
- SHA1
  
  b53b87a8cb278ddecfba9950aa2911d618e40582
- SHA256
  
  6f5873af4eef364bd826f17d5c872f37b14737481672746b21c1b99482e5e02b
- SHA512
  
  5cf46393c075bcd5e0d5d57ae8559e1299137a684d1437d8a48a455f7e9a97a2d5a1cebe23df68f28c93ad950b472217977d79d6fe3155f67862e5a5a12f67b5
- SSDEEP
  
  6144:twA2m2kP7+sOjcroyI0xwlh8boidmQp1tRdnjU8b8:tD2/kP7yj1kuvcU8o
Score

10^/10

icedid 1023645195 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1023645195bankerloadertrojan

behavioral2

icedid1023645195bankerloadertrojan