icedid | 2cea5813ba39c424c988225d112c922377d71348058255b5603cba28f50783dc | Triage

Sharing

General

Target

407c05c9d3cb98b06d3536e84d2afcb6.dll.exe
Size

358KB
Sample

220925-vjh9rsggal
MD5

407c05c9d3cb98b06d3536e84d2afcb6
SHA1

88b31c04e6acfde0cf2247a59f38621445709cf8
SHA256

2cea5813ba39c424c988225d112c922377d71348058255b5603cba28f50783dc
SHA512

6a1b1f55b92788986acb22337d20441ec2a60652e5661b07478137634a8acf29228a4b2fdbafba0cfd5405b58f43ef73eb426fae771e6b0ef679b24aa1143b60
SSDEEP

6144:KrwBcUn8kslaFCmHP7csFsMU7q6C2CIDYmwNn1ri3/r:sj/8zHP7b2TfPr

Score

10^/10

icedid 2432960414 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2432960414

C2

zalikomanperis.com

Targets

- Target
  
  407c05c9d3cb98b06d3536e84d2afcb6.dll.exe
- Size
  
  358KB
- MD5
  
  407c05c9d3cb98b06d3536e84d2afcb6
- SHA1
  
  88b31c04e6acfde0cf2247a59f38621445709cf8
- SHA256
  
  2cea5813ba39c424c988225d112c922377d71348058255b5603cba28f50783dc
- SHA512
  
  6a1b1f55b92788986acb22337d20441ec2a60652e5661b07478137634a8acf29228a4b2fdbafba0cfd5405b58f43ef73eb426fae771e6b0ef679b24aa1143b60
- SSDEEP
  
  6144:KrwBcUn8kslaFCmHP7csFsMU7q6C2CIDYmwNn1ri3/r:sj/8zHP7b2TfPr
Score

10^/10

icedid 2432960414 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2432960414bankerloadertrojan

behavioral2

icedid2432960414bankerloadertrojan