icedid | 3f8e10ad6edc1938750835984ff9b3f27b46720791aed021506c3894368c9ab5 | Triage

Sharing

General

Target

7078612
Size

65KB
Sample

221110-nvg3hshec9
MD5

902c1b4f76ebedc0f4dc433f73006cf7
SHA1

65c8d253bdde13d1f106efe274018d3cdce322c6
SHA256

3f8e10ad6edc1938750835984ff9b3f27b46720791aed021506c3894368c9ab5
SHA512

b4d0cfff21d5b69d1bab61bc4057a87c2498dbc11928aba4d38408e7397f43f3a7e65d9b739daaef0ab18a53a3a85ea7a3ac9ea1e0e9ec2920f22fe32168698d
SSDEEP

1536:vLx7AGaJtTYAoGuPb4EijqANEmlVBBu2pG:l7AGa3TqOj9JZp

Score

10^/10

icedid 3526094074 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3526094074

C2

scinetkoshir.com

Targets

- Target
  
  7078612
- Size
  
  65KB
- MD5
  
  902c1b4f76ebedc0f4dc433f73006cf7
- SHA1
  
  65c8d253bdde13d1f106efe274018d3cdce322c6
- SHA256
  
  3f8e10ad6edc1938750835984ff9b3f27b46720791aed021506c3894368c9ab5
- SHA512
  
  b4d0cfff21d5b69d1bab61bc4057a87c2498dbc11928aba4d38408e7397f43f3a7e65d9b739daaef0ab18a53a3a85ea7a3ac9ea1e0e9ec2920f22fe32168698d
- SSDEEP
  
  1536:vLx7AGaJtTYAoGuPb4EijqANEmlVBBu2pG:l7AGa3TqOj9JZp
Score

10^/10

icedid 3526094074 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3526094074bankerloadertrojan

behavioral2

icedid3526094074bankerloadertrojan