icedid | 45e972e4f9cd2cf0b0200741081df634ee3e29a5109d7632ff4739df0ed9ad25 | Triage

Sharing

General

Target

e7581b297feebce79f805522a75a7f46.dll.exe
Size

452KB
Sample

220928-st63gahebj
MD5

e7581b297feebce79f805522a75a7f46
SHA1

ed2c63daa3b75a8d29ea5a08a889fc8f94dd25d5
SHA256

45e972e4f9cd2cf0b0200741081df634ee3e29a5109d7632ff4739df0ed9ad25
SHA512

860be4a9ec6f11dd33397917144720d0f5f397721f58192ddcc6d83fbdda3eb9867d269f3bdb87f1b980c6cbdce8ee4d801f08fb8c7b972b0a8912e82fbb1da5
SSDEEP

3072:ZpzQiAIOvJ+0vh1AKhgF9y6j613scqoFCrqJOuAn+CBnL56ZCoOt9Fy1TPp3BwI7:Zpx0vT9y1YsVoF/JOuA++L56ZdLVBtVF

Score

10^/10

icedid 2349072319 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

- Target
  
  e7581b297feebce79f805522a75a7f46.dll.exe
- Size
  
  452KB
- MD5
  
  e7581b297feebce79f805522a75a7f46
- SHA1
  
  ed2c63daa3b75a8d29ea5a08a889fc8f94dd25d5
- SHA256
  
  45e972e4f9cd2cf0b0200741081df634ee3e29a5109d7632ff4739df0ed9ad25
- SHA512
  
  860be4a9ec6f11dd33397917144720d0f5f397721f58192ddcc6d83fbdda3eb9867d269f3bdb87f1b980c6cbdce8ee4d801f08fb8c7b972b0a8912e82fbb1da5
- SSDEEP
  
  3072:ZpzQiAIOvJ+0vh1AKhgF9y6j613scqoFCrqJOuAn+CBnL56ZCoOt9Fy1TPp3BwI7:Zpx0vT9y1YsVoF/JOuA++L56ZdLVBtVF
Score

10^/10

icedid 2349072319 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2349072319bankerloadertrojan

behavioral2

icedid2349072319bankerloadertrojan