icedid | ec0c054b34fbdf133d34ac28b2836277edba9515f247abe80d30786883338690 | Triage

Sharing

General

Target

9dfc6fcb31314fb3e3c3d8a1f7f2ce68.dll.exe
Size

452KB
Sample

220928-klez1sgeen
MD5

9dfc6fcb31314fb3e3c3d8a1f7f2ce68
SHA1

9e06cbb38893013c7f6de66749b24f9a528f0f4d
SHA256

ec0c054b34fbdf133d34ac28b2836277edba9515f247abe80d30786883338690
SHA512

c2590b77a0fc55b84f4fd49dd278986c049da047dce663563a24a366abefba23f1aa9cca775787ed144b7033afe64f3366775839b680cfba90351aa7fdfc8a23
SSDEEP

3072:omJOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAy+:JJOuZrzyp5V1LGKiBBMSkLTc+yyZmAr

Score

10^/10

icedid 2349072319 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

- Target
  
  9dfc6fcb31314fb3e3c3d8a1f7f2ce68.dll.exe
- Size
  
  452KB
- MD5
  
  9dfc6fcb31314fb3e3c3d8a1f7f2ce68
- SHA1
  
  9e06cbb38893013c7f6de66749b24f9a528f0f4d
- SHA256
  
  ec0c054b34fbdf133d34ac28b2836277edba9515f247abe80d30786883338690
- SHA512
  
  c2590b77a0fc55b84f4fd49dd278986c049da047dce663563a24a366abefba23f1aa9cca775787ed144b7033afe64f3366775839b680cfba90351aa7fdfc8a23
- SSDEEP
  
  3072:omJOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAy+:JJOuZrzyp5V1LGKiBBMSkLTc+yyZmAr
Score

10^/10

icedid 2349072319 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2349072319bankerloadertrojan

behavioral2

icedid2349072319bankerloadertrojan