icedid | 65e45942fd86dca630ae7fea45d6d7aeb231a2ab29572b7649212d2822cfc43f | Triage

Sharing

General

Target

c3aa5d375930415935b167cb7c92e7de.bin
Size

452KB
Sample

221026-x4gmsaggej
MD5

c3aa5d375930415935b167cb7c92e7de
SHA1

a072e771509f014530a769811c76f2ad67389a54
SHA256

65e45942fd86dca630ae7fea45d6d7aeb231a2ab29572b7649212d2822cfc43f
SHA512

42d22a255530c9f6c98f219994c5f4ecb3a51c11de840b152e189975feb9529a391c22aaa1dcc9107d537498f103480d281914d675270ed84e5a484b4c7ad15d
SSDEEP

6144:ST5bfQULr+agxZ49J//pZV2jCJOuIBJ0vr:STN5vgxZ6/RmuJOuWOr

Score

10^/10

icedid 2349072319 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

- Target
  
  c3aa5d375930415935b167cb7c92e7de.bin
- Size
  
  452KB
- MD5
  
  c3aa5d375930415935b167cb7c92e7de
- SHA1
  
  a072e771509f014530a769811c76f2ad67389a54
- SHA256
  
  65e45942fd86dca630ae7fea45d6d7aeb231a2ab29572b7649212d2822cfc43f
- SHA512
  
  42d22a255530c9f6c98f219994c5f4ecb3a51c11de840b152e189975feb9529a391c22aaa1dcc9107d537498f103480d281914d675270ed84e5a484b4c7ad15d
- SSDEEP
  
  6144:ST5bfQULr+agxZ49J//pZV2jCJOuIBJ0vr:STN5vgxZ6/RmuJOuWOr
Score

10^/10

icedid 2349072319 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2349072319bankerloadertrojan

behavioral2

icedid2349072319bankerloadertrojan