icedid | 5ba506d55c522c8215c75ba312b5dab6db131741a15eb8a3416744271fc07ec3 | Triage

Sharing

General

Target

289d95f27e20b29a42c802990262e995.dll.exe
Size

358KB
Sample

220925-vhdynagfhp
MD5

289d95f27e20b29a42c802990262e995
SHA1

87f1b76acf5a515a563a51686669a8376652141c
SHA256

5ba506d55c522c8215c75ba312b5dab6db131741a15eb8a3416744271fc07ec3
SHA512

c0e5cd37c61b9c145f489946725bb1394a398a14e4d8b5745a4f4d87161d841ea12e17768ddf34ac5cb9549b18c043ac253394a4ee94ac1b530d100720b60f94
SSDEEP

6144:pJwBcUn8kslaFCmHP7csFsMU7q6C2CIDYmwNn1ri3/f:Tj/8zHP7b2TfPf

Score

10^/10

icedid 2432960414 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2432960414

C2

zalikomanperis.com

Targets

- Target
  
  289d95f27e20b29a42c802990262e995.dll.exe
- Size
  
  358KB
- MD5
  
  289d95f27e20b29a42c802990262e995
- SHA1
  
  87f1b76acf5a515a563a51686669a8376652141c
- SHA256
  
  5ba506d55c522c8215c75ba312b5dab6db131741a15eb8a3416744271fc07ec3
- SHA512
  
  c0e5cd37c61b9c145f489946725bb1394a398a14e4d8b5745a4f4d87161d841ea12e17768ddf34ac5cb9549b18c043ac253394a4ee94ac1b530d100720b60f94
- SSDEEP
  
  6144:pJwBcUn8kslaFCmHP7csFsMU7q6C2CIDYmwNn1ri3/f:Tj/8zHP7b2TfPf
Score

10^/10

icedid 2432960414 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2432960414bankerloadertrojan

behavioral2

icedid2432960414bankerloadertrojan