icedid | 351a3a577b2043074d45536564a011f538768394432ca33bd5becc53b3e6a8e7 | Triage

Sharing

General

Target

273bcbda16a426bc67f0fbbf08eb965d.dll.exe
Size

679KB
Sample

221003-khkfbsfdb5
MD5

273bcbda16a426bc67f0fbbf08eb965d
SHA1

99cbe2bbadb61afeddc3b969c78156556dcdb83c
SHA256

351a3a577b2043074d45536564a011f538768394432ca33bd5becc53b3e6a8e7
SHA512

e9ae3a3b39ab2ca72f17b65c29471ed8284ddd64106927260baf11ddf791263aeed9dc59b4b06b07d3601f0697a6124b0afa0dc524d4fb3ceed714ea68f116bf
SSDEEP

6144:IMjneLstVgH2yICXFa98HrqnlSGbezqOcLf/1O5800oBKMvUfEfm/Z:IMjeqd2XxGbfOqfVmKMux

Score

10^/10

icedid 2909555027 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2909555027

C2

guversaksi.com

Targets

- Target
  
  273bcbda16a426bc67f0fbbf08eb965d.dll.exe
- Size
  
  679KB
- MD5
  
  273bcbda16a426bc67f0fbbf08eb965d
- SHA1
  
  99cbe2bbadb61afeddc3b969c78156556dcdb83c
- SHA256
  
  351a3a577b2043074d45536564a011f538768394432ca33bd5becc53b3e6a8e7
- SHA512
  
  e9ae3a3b39ab2ca72f17b65c29471ed8284ddd64106927260baf11ddf791263aeed9dc59b4b06b07d3601f0697a6124b0afa0dc524d4fb3ceed714ea68f116bf
- SSDEEP
  
  6144:IMjneLstVgH2yICXFa98HrqnlSGbezqOcLf/1O5800oBKMvUfEfm/Z:IMjeqd2XxGbfOqfVmKMux
Score

10^/10

icedid 2909555027 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

icedid2909555027bankerloadertrojan