icedid | 36b8d18635a743a105c45092827f1d50e2815b3c23bbef47ac77fb028edf8027 | Triage

Sharing

General

Target

noncommittalism_bennets_beechiest.db
Size

56KB
Sample

221020-kb7bhsddcm
MD5

b164eda2c611a5171b064c1d02b812a8
SHA1

b61022d98a601d0f2de74799456dc6d158095d93
SHA256

36b8d18635a743a105c45092827f1d50e2815b3c23bbef47ac77fb028edf8027
SHA512

97f13241133c8419da4458d38856e73f4d3263b16db7f2a07e56c83fe6908e09ebd27eca77ba79a5316b85eae41d15cd68a392feeb5f940be5633a2b569048c4
SSDEEP

1536:Jd23NuUPC30mX7o7b91KzMdyKXvD2GZ58fi1KihIgvLT+:v2du2CT7IcGrZLT

Score

10^/10

icedid 56237520 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

56237520

C2

tablearmestion.com

Targets

- Target
  
  noncommittalism_bennets_beechiest.db
- Size
  
  56KB
- MD5
  
  b164eda2c611a5171b064c1d02b812a8
- SHA1
  
  b61022d98a601d0f2de74799456dc6d158095d93
- SHA256
  
  36b8d18635a743a105c45092827f1d50e2815b3c23bbef47ac77fb028edf8027
- SHA512
  
  97f13241133c8419da4458d38856e73f4d3263b16db7f2a07e56c83fe6908e09ebd27eca77ba79a5316b85eae41d15cd68a392feeb5f940be5633a2b569048c4
- SSDEEP
  
  1536:Jd23NuUPC30mX7o7b91KzMdyKXvD2GZ58fi1KihIgvLT+:v2du2CT7IcGrZLT
Score

10^/10

icedid 56237520 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid56237520bankerloadertrojan

behavioral2

icedid56237520bankerloadertrojan