icedid | 0bf9d30a77ad68ba8940cc1f14174e19b546c94e23d875a7ac51c0e88f4b7258 | Triage

Sharing

General

Target

3f627b1f92803c0e393f7f596c333f6f.dll.exe
Size

452KB
Sample

220927-zm5dmaeec7
MD5

3f627b1f92803c0e393f7f596c333f6f
SHA1

86d445c9626d59b0c6811bc858deeb0535cc1d1d
SHA256

0bf9d30a77ad68ba8940cc1f14174e19b546c94e23d875a7ac51c0e88f4b7258
SHA512

2ca36d6ba6a2a17ba6cd8140c80b79d819b28da33f30793654502a42d078bca40c4b8ef7de584995b32e4dfe48c789ea25b742cb748d62532733276785499a85
SSDEEP

3072:W/JOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAyc:eJOuZrzyp5V1LGKiBBMSkLTc+yyZmAV

Score

10^/10

icedid 2349072319 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

- Target
  
  3f627b1f92803c0e393f7f596c333f6f.dll.exe
- Size
  
  452KB
- MD5
  
  3f627b1f92803c0e393f7f596c333f6f
- SHA1
  
  86d445c9626d59b0c6811bc858deeb0535cc1d1d
- SHA256
  
  0bf9d30a77ad68ba8940cc1f14174e19b546c94e23d875a7ac51c0e88f4b7258
- SHA512
  
  2ca36d6ba6a2a17ba6cd8140c80b79d819b28da33f30793654502a42d078bca40c4b8ef7de584995b32e4dfe48c789ea25b742cb748d62532733276785499a85
- SSDEEP
  
  3072:W/JOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAyc:eJOuZrzyp5V1LGKiBBMSkLTc+yyZmAV
Score

10^/10

icedid 2349072319 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2349072319bankerloadertrojan

behavioral2

icedid2349072319bankerloadertrojan