icedid | a104706b5e5afbafb3ba39ef5dc4e86391be98ac6d8328464375701bd91a7373 | Triage

Sharing

General

Target

c8d6bc54b3188ba091c447ecc4561e01.dll.exe
Size

317KB
Sample

220926-wcavgsbee6
MD5

c8d6bc54b3188ba091c447ecc4561e01
SHA1

13641366d1d1e10420bb5733c26feb8fbfac2423
SHA256

a104706b5e5afbafb3ba39ef5dc4e86391be98ac6d8328464375701bd91a7373
SHA512

7d527f5042b8188240863c42a3a4c10bc648f4a0a3a5e1e2de87937fe504aac6693355dc2a9175c7907ee709e3bbff2c7904e8a84811e578e03e0d69fa47ea23
SSDEEP

6144:1OA2m2kP7+sOjcroyI0xwlh8boidmQp1tRdnjU8bN:152/kP7yj1kuvcU8Z

Score

10^/10

icedid 1023645195 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1023645195

C2

trallfasterinf.com

Targets

- Target
  
  c8d6bc54b3188ba091c447ecc4561e01.dll.exe
- Size
  
  317KB
- MD5
  
  c8d6bc54b3188ba091c447ecc4561e01
- SHA1
  
  13641366d1d1e10420bb5733c26feb8fbfac2423
- SHA256
  
  a104706b5e5afbafb3ba39ef5dc4e86391be98ac6d8328464375701bd91a7373
- SHA512
  
  7d527f5042b8188240863c42a3a4c10bc648f4a0a3a5e1e2de87937fe504aac6693355dc2a9175c7907ee709e3bbff2c7904e8a84811e578e03e0d69fa47ea23
- SSDEEP
  
  6144:1OA2m2kP7+sOjcroyI0xwlh8boidmQp1tRdnjU8bN:152/kP7yj1kuvcU8Z
Score

10^/10

icedid 1023645195 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1023645195bankerloadertrojan

behavioral2

icedid1023645195bankerloadertrojan