icedid | e0d40aaf4e09fa69aaf6ee0858b18a6d9f036737914dd42061d8a10e2595929d | Triage

Resubmissions

11-01-2023 12:28

230111-pnnr6afh6y 10

11-01-2023 12:27

230111-pm114afh6x 1

Sharing

General

Target

Inv_246_Jan-01_Copy.zip
Size

338KB
Sample

230111-pnnr6afh6y
MD5

476898988e061573ae520e22513b8ce6
SHA1

0509467c8301dbb173ed2b68433e3bfa918cc75e
SHA256

e0d40aaf4e09fa69aaf6ee0858b18a6d9f036737914dd42061d8a10e2595929d
SHA512

40a202c8cf276cc9baf0ae5af3d5869849d31ce798592344770e7a8ad65c9260b08d2dae88be8765c24023e363af9a31137f61349aefa12ee27c939f68e4b793
SSDEEP

6144:f9mKHBHklhbsbNEMepLNgrl803tGv+k0fP/QjvfqtEjOlWMlW:L1KtK6LNylVtbP/QIIxMlW

Score

10^/10

icedid 3131022508 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3131022508

C2

wagringamuk.com

Targets

- Target
  
  Inv_246_Jan-01_Copy.zip
- Size
  
  338KB
- MD5
  
  476898988e061573ae520e22513b8ce6
- SHA1
  
  0509467c8301dbb173ed2b68433e3bfa918cc75e
- SHA256
  
  e0d40aaf4e09fa69aaf6ee0858b18a6d9f036737914dd42061d8a10e2595929d
- SHA512
  
  40a202c8cf276cc9baf0ae5af3d5869849d31ce798592344770e7a8ad65c9260b08d2dae88be8765c24023e363af9a31137f61349aefa12ee27c939f68e4b793
- SSDEEP
  
  6144:f9mKHBHklhbsbNEMepLNgrl803tGv+k0fP/QjvfqtEjOlWMlW:L1KtK6LNylVtbP/QIIxMlW
Score

10^/10

icedid 3131022508 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3131022508bankerloadertrojan

behavioral2