icedid | 087f0e89e9bbc43ee25e08608fa087ad48e6dcf7e64c9f3f045c2a06619687c2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

087f0e89e9bbc43ee25e08608fa087ad48e6dcf7e64c9f3f045c2a06619687c2.exe
Size

209KB
Sample

221025-f1zwhsbfdq
MD5

2ed4c3f11e7404dd79576dff7a4677ba
SHA1

1eb2207bffcf721cb6ac92eef2d31722593c1fa8
SHA256

087f0e89e9bbc43ee25e08608fa087ad48e6dcf7e64c9f3f045c2a06619687c2
SHA512

3bdc7e0c4c22c2652e947245e9ff3b79d744ac14127ea78c85ef329f0b9935938602d90f0d6da7dc8c0c325e8f68e92672d696adc64ffca10ae47230b538a5ee
SSDEEP

3072:4qhZ8iK2/b+ymhVF+sc1GGwBp1UNKs4gRNh:Pp+9BVpMKs4A

Score

10^/10

icedid 1048105134 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1048105134

C2

rulescvosher.com

Targets

- Target
  
  087f0e89e9bbc43ee25e08608fa087ad48e6dcf7e64c9f3f045c2a06619687c2.exe
- Size
  
  209KB
- MD5
  
  2ed4c3f11e7404dd79576dff7a4677ba
- SHA1
  
  1eb2207bffcf721cb6ac92eef2d31722593c1fa8
- SHA256
  
  087f0e89e9bbc43ee25e08608fa087ad48e6dcf7e64c9f3f045c2a06619687c2
- SHA512
  
  3bdc7e0c4c22c2652e947245e9ff3b79d744ac14127ea78c85ef329f0b9935938602d90f0d6da7dc8c0c325e8f68e92672d696adc64ffca10ae47230b538a5ee
- SSDEEP
  
  3072:4qhZ8iK2/b+ymhVF+sc1GGwBp1UNKs4gRNh:Pp+9BVpMKs4A
Score

10^/10

icedid 1048105134 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1048105134bankerloadertrojan

behavioral2

icedid1048105134bankerloadertrojan