icedid | 99fd0558abc190ddf332172b6ca31c432eaa00a52d3c7be228656472e53a9cd7 | Triage

Sharing

General

Target

99fd0558abc190ddf332172b6ca31c432eaa00a52d3c7be228656472e53a9cd7.exe
Size

65KB
Sample

221112-k4fn9shg6x
MD5

b2c4cd82c628d4b71cabe53fad55ae19
SHA1

1a23e6cde426240bbf9ac7e3c611e21e0910b516
SHA256

99fd0558abc190ddf332172b6ca31c432eaa00a52d3c7be228656472e53a9cd7
SHA512

3ae826d85af91799e06b2c9cedb1ffad3a03272197c3e3d584f789803c8af1e931fe11eff1b7e80b288ff79b7dc32896a3ec9ac69d2d13e3a83bdb848aaad716
SSDEEP

1536:92oYJqQ4eoLjTipZrS5oX4vWGCgOoi/17IvLiVps:woqXofupZm5TCgWxaCp

Score

10^/10

icedid 3526094074 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3526094074

C2

scinetkoshir.com

Targets

- Target
  
  99fd0558abc190ddf332172b6ca31c432eaa00a52d3c7be228656472e53a9cd7.exe
- Size
  
  65KB
- MD5
  
  b2c4cd82c628d4b71cabe53fad55ae19
- SHA1
  
  1a23e6cde426240bbf9ac7e3c611e21e0910b516
- SHA256
  
  99fd0558abc190ddf332172b6ca31c432eaa00a52d3c7be228656472e53a9cd7
- SHA512
  
  3ae826d85af91799e06b2c9cedb1ffad3a03272197c3e3d584f789803c8af1e931fe11eff1b7e80b288ff79b7dc32896a3ec9ac69d2d13e3a83bdb848aaad716
- SSDEEP
  
  1536:92oYJqQ4eoLjTipZrS5oX4vWGCgOoi/17IvLiVps:woqXofupZm5TCgWxaCp
Score

10^/10

icedid 3526094074 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3526094074bankerloadertrojan

behavioral2

icedid3526094074bankerloadertrojan