icedid | ffa53c1a362be33f264c6149c323fa8b1cd6ace7f912f4080d7f290abb785c54 | Triage

Sharing

General

Target

d2d9927030184c9687c6958a1daa42c6.dll.exe
Size

452KB
Sample

220928-rk5mlshcak
MD5

d2d9927030184c9687c6958a1daa42c6
SHA1

440ec63e6f46f4af154d3fb6043ea89fd7b29686
SHA256

ffa53c1a362be33f264c6149c323fa8b1cd6ace7f912f4080d7f290abb785c54
SHA512

48be1441bd9745af16b06a835653c70a953cbd03c8aec8d00c70d5a84bc2c1612c5745e2f56a6ee930c9c0c4a4579c123c2b9c182b999d578362202c473f3f10
SSDEEP

3072:XDJOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAyE:TJOuZrzyp5V1LGKiBBMSkLTc+yyZmAJ

Score

10^/10

icedid 2349072319 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

- Target
  
  d2d9927030184c9687c6958a1daa42c6.dll.exe
- Size
  
  452KB
- MD5
  
  d2d9927030184c9687c6958a1daa42c6
- SHA1
  
  440ec63e6f46f4af154d3fb6043ea89fd7b29686
- SHA256
  
  ffa53c1a362be33f264c6149c323fa8b1cd6ace7f912f4080d7f290abb785c54
- SHA512
  
  48be1441bd9745af16b06a835653c70a953cbd03c8aec8d00c70d5a84bc2c1612c5745e2f56a6ee930c9c0c4a4579c123c2b9c182b999d578362202c473f3f10
- SSDEEP
  
  3072:XDJOuzQiAIOvJ+1rzyp5cq1LGKFKHrt9F5p3BZiZqBAJLMok3n+CBrMrRZm1xAyE:TJOuZrzyp5V1LGKiBBMSkLTc+yyZmAJ
Score

10^/10

icedid 2349072319 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2349072319bankerloadertrojan

behavioral2

icedid2349072319bankerloadertrojan