icedid | 66608501a21447082fe287bd99a8d7b7f0049e2ab3d161e3a3cfbf3e1f28b3bb | Triage

Sharing

General

Target

flagstaff.db
Size

476KB
Sample

220927-t5rmladhg5
MD5

7d81188fd25fbfc8b57b1889cc6ae180
SHA1

4dc6aa65779ec365bc1622bf0b28a5328acf4ac3
SHA256

66608501a21447082fe287bd99a8d7b7f0049e2ab3d161e3a3cfbf3e1f28b3bb
SHA512

0abb06d262ce25bd5e979789568f622e839cf4fc36bade958a8d1d13a3bfbb97a99665a6df91c2aa8c480da6e3d084ea4feacf0ec1e02cc5a207d9fb39a83d91
SSDEEP

6144:2nUq1i6qMhmPGx96QeQSIpBYMeepMRT9xa5yqwH:SUq1i6qbGx4IpheepMFLaAqo

Score

10^/10

icedid 3228182693 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3228182693

C2

tezycronam.com

Targets

- Target
  
  flagstaff.db
- Size
  
  476KB
- MD5
  
  7d81188fd25fbfc8b57b1889cc6ae180
- SHA1
  
  4dc6aa65779ec365bc1622bf0b28a5328acf4ac3
- SHA256
  
  66608501a21447082fe287bd99a8d7b7f0049e2ab3d161e3a3cfbf3e1f28b3bb
- SHA512
  
  0abb06d262ce25bd5e979789568f622e839cf4fc36bade958a8d1d13a3bfbb97a99665a6df91c2aa8c480da6e3d084ea4feacf0ec1e02cc5a207d9fb39a83d91
- SSDEEP
  
  6144:2nUq1i6qMhmPGx96QeQSIpBYMeepMRT9xa5yqwH:SUq1i6qbGx4IpheepMFLaAqo
Score

10^/10

icedid 3228182693 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3228182693bankerloadertrojan

behavioral2

icedid3228182693bankerloadertrojan