icedid | 39c460c865e114c7378470e55fb35ac88933260023e9c4ffb018adfd78c2d8e8 | Triage

Sharing

General

Target

Setup_Win_18-01-2023_22-25-35.zip
Size

1003KB
Sample

230118-2dn2dsbe36
MD5

6b7c04f1a6b29063ccac4cb9feac2200
SHA1

b8381206033dda724b0b1520bc6d56b960a230df
SHA256

39c460c865e114c7378470e55fb35ac88933260023e9c4ffb018adfd78c2d8e8
SHA512

dadafa4726da681168a9b0889a6a5faf79bd2e81478cfe0c76ccec43a4d1a708b05169c469ea5dd06add7298f75356f042cb65e0e1698407aa320630e537a7c4
SSDEEP

6144:nJ8JubGdRfgPSF8/Ok/CNt90Nrtdi5Vwh5rtcdn67W+7VXmzAn:J8J/7gPSF85/OGtw5Vu5Rcd8UzW

Score

10^/10

icedid 3248465841 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3248465841

C2

qsertopinajil.com

Targets

- Target
  
  Setup_Win_18-01-2023_22-25-33.exe
- Size
  
  700.5MB
- MD5
  
  b2e19c042b2d980fb7643fa9e631fef4
- SHA1
  
  aa8393cd629d45d84c8e3067d8efc00a30279808
- SHA256
  
  474e6e1d202ad6e43943a1d41ee2a0beefcd07e6b9f429399b5168d1d9386f27
- SHA512
  
  cc08e53e8c5408274efe3fe0ecf65581940b95247f0c3a272a4c10304c0f87c99fe57bcf3d3ab3029bd8e508b4882d761bdc214cba5657c72f19c691494f9d10
- SSDEEP
  
  12288:9EhbGjyY7sncGXWbo3dW6CVg5R6d+UzBJ:9ebOyY7knWbqCajURP
Score

10^/10

icedid 3248465841 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3248465841bankerloadertrojan

behavioral2

icedid3248465841bankerloadertrojan