icedid | 0524a8fe82edc46ae041b94ce80618365fb9ddadedd29d1f4fd6c7049bc02bba | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ice1910.dll.exe
Size

56KB
Sample

221019-xj7cpsdacr
MD5

c63f1b90ef5c65f6826349e64b00745e
SHA1

c7666564b47388a5e987431ee5c23e2db3d472d8
SHA256

0524a8fe82edc46ae041b94ce80618365fb9ddadedd29d1f4fd6c7049bc02bba
SHA512

4837ac4c859c9b09225a930a1a397b0abe19af6a850a638b1055f5be68fb724c213681f91214985ada36295ef9c231867dd6ad4366b4e36b1e77eaad1647c320
SSDEEP

1536:tpheQ8hE218U0gVCHyGmIg9XkonWEOrFck/STe/utyEO:tp+1eaXL/Ouz

Score

10^/10

icedid 56237520 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

56237520

C2

tablearmestion.com

Targets

- Target
  
  ice1910.dll.exe
- Size
  
  56KB
- MD5
  
  c63f1b90ef5c65f6826349e64b00745e
- SHA1
  
  c7666564b47388a5e987431ee5c23e2db3d472d8
- SHA256
  
  0524a8fe82edc46ae041b94ce80618365fb9ddadedd29d1f4fd6c7049bc02bba
- SHA512
  
  4837ac4c859c9b09225a930a1a397b0abe19af6a850a638b1055f5be68fb724c213681f91214985ada36295ef9c231867dd6ad4366b4e36b1e77eaad1647c320
- SSDEEP
  
  1536:tpheQ8hE218U0gVCHyGmIg9XkonWEOrFck/STe/utyEO:tp+1eaXL/Ouz
Score

10^/10

icedid 56237520 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid56237520bankerloadertrojan

behavioral2

icedid56237520bankerloadertrojan