icedid | 65e509ba0ec10d28c4183dbb7910374e4ec664bdd276e37d9c0ca2ce479772bf | Triage

Sharing

General

Target

65e509ba0ec10d28c4183dbb7910374e4ec664bdd276e37d9c0ca2ce479772bf
Size

2.7MB
Sample

221219-1dpggsbc7w
MD5

2a52de53972a801102ebf18f68a152f5
SHA1

335d037805e52deb3b604cb0838c4f8bf6f67fec
SHA256

65e509ba0ec10d28c4183dbb7910374e4ec664bdd276e37d9c0ca2ce479772bf
SHA512

862e4d9eb09c59bd661dee3fe6914b1e7b88c1a99f353da6c3de310a9d1abf2c09d71ef12f375ce7e3a155909454d1d7ae7afedb1318746e443b188e71c67c8d
SSDEEP

24576:+wkH3QY3UZp/g+/GomPS0AuYOW+EzI7L/Cge89x0Jh23NFEi:+5AMUHsJAuYOWnzGi89mJh2dFEi

Score

10^/10

icedid 2944922576 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2944922576

C2

trbiriumpa.com

Targets

- Target
  
  65e509ba0ec10d28c4183dbb7910374e4ec664bdd276e37d9c0ca2ce479772bf
- Size
  
  2.7MB
- MD5
  
  2a52de53972a801102ebf18f68a152f5
- SHA1
  
  335d037805e52deb3b604cb0838c4f8bf6f67fec
- SHA256
  
  65e509ba0ec10d28c4183dbb7910374e4ec664bdd276e37d9c0ca2ce479772bf
- SHA512
  
  862e4d9eb09c59bd661dee3fe6914b1e7b88c1a99f353da6c3de310a9d1abf2c09d71ef12f375ce7e3a155909454d1d7ae7afedb1318746e443b188e71c67c8d
- SSDEEP
  
  24576:+wkH3QY3UZp/g+/GomPS0AuYOW+EzI7L/Cge89x0Jh23NFEi:+5AMUHsJAuYOWnzGi89mJh2dFEi
Score

10^/10

icedid 2944922576 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

icedid2944922576bankerloadertrojan