icedid | 112f268339b6811b60fd64a3f8f0f9e7fec990510739be6f5438a72ceb1e5f38 | Triage

Sharing

General

Target

plank.temp
Size

100KB
Sample

221118-xexbyacb95
MD5

585f4b565c555cf7bcf652133c14066c
SHA1

6c11d4165e612661e0c4cb41dc4ddeaf1774a11e
SHA256

112f268339b6811b60fd64a3f8f0f9e7fec990510739be6f5438a72ceb1e5f38
SHA512

d3bf12e3a2bd12dbfd383d611dca3707886cc08153534b0c114d3b05cd379af3717a0e6f427076bfa048a5d08dc36cd1c5c5ee6545c7eb7a26ae966c4ff1d25c
SSDEEP

1536:EZO05V5sA9tXrTMMv6OHKj2luFY0xS57B3l/ApekzDsw9BM8cpmSn0l7i59:yjDMM3A6XkbfcQin

Score

10^/10

icedid 3822462527 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3822462527

C2

sciiultaelinoza.com

Targets

- Target
  
  plank.temp
- Size
  
  100KB
- MD5
  
  585f4b565c555cf7bcf652133c14066c
- SHA1
  
  6c11d4165e612661e0c4cb41dc4ddeaf1774a11e
- SHA256
  
  112f268339b6811b60fd64a3f8f0f9e7fec990510739be6f5438a72ceb1e5f38
- SHA512
  
  d3bf12e3a2bd12dbfd383d611dca3707886cc08153534b0c114d3b05cd379af3717a0e6f427076bfa048a5d08dc36cd1c5c5ee6545c7eb7a26ae966c4ff1d25c
- SSDEEP
  
  1536:EZO05V5sA9tXrTMMv6OHKj2luFY0xS57B3l/ApekzDsw9BM8cpmSn0l7i59:yjDMM3A6XkbfcQin
Score

10^/10

icedid 3822462527 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3822462527bankerloadertrojan

behavioral2

icedid3822462527bankerloadertrojan