Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

braved.db
Size

476KB
Sample

220927-3kelzafhbr
MD5

41e60934b4352378f755b8b234e28b1d
SHA1

596520cd20a9abf62119c3e3d530e5e99f9dd285
SHA256

5b3ec3844cc7a448071397b8cb488e6b1dd8a35eb66a6046672cf243817f0b03
SHA512

e41cae897b3e4c6b5e228940933a5120d175d39c5939ba9f7a6739d70f6ef0cd71fc7d8302c6d28989be2a1959aaa201265ed28717d093e5d04451567dcbf307
SSDEEP

6144:EowRmpalgwWrQk2wT7Byq1i6qZksSiOmvQeQEer:XwUpalgwbtq7sq1i6qqsSIjer

Score

10^/10

icedid 3228182693 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3228182693

C2

tezycronam.com

Targets

- Target
  
  braved.db
- Size
  
  476KB
- MD5
  
  41e60934b4352378f755b8b234e28b1d
- SHA1
  
  596520cd20a9abf62119c3e3d530e5e99f9dd285
- SHA256
  
  5b3ec3844cc7a448071397b8cb488e6b1dd8a35eb66a6046672cf243817f0b03
- SHA512
  
  e41cae897b3e4c6b5e228940933a5120d175d39c5939ba9f7a6739d70f6ef0cd71fc7d8302c6d28989be2a1959aaa201265ed28717d093e5d04451567dcbf307
- SSDEEP
  
  6144:EowRmpalgwWrQk2wT7Byq1i6qZksSiOmvQeQEer:XwUpalgwbtq7sq1i6qqsSIjer
Score

10^/10

icedid 3228182693 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

icedid3228182693bankerloadertrojan

behavioral2

icedid3228182693bankerloadertrojan