icedid | 95e2122578298f5b0e48dbb0aab079d2123aed82baccf99abc992df75e2b77e5 | Triage

Sharing

General

Target

Malware.zip
Size

647KB
Sample

230203-d7hjpsdg6y
MD5

d5ad6bcada6839c15ae7a7122b1d94b3
SHA1

b6833000ea62d40fd10932be8b283745fe45bbe0
SHA256

95e2122578298f5b0e48dbb0aab079d2123aed82baccf99abc992df75e2b77e5
SHA512

630d5ed33e962ef4b22dd5edfa5e872443c90d3c2c707e153ad39d4ec523ad391882fb8d13040dfc6ba5b7e815fa7a1a84c19578fb5e1f89958fe8636e1c2ab2
SSDEEP

12288:66sNfIGTnIYDvrdOJYJKCZMUtbJNuYaVBgJoB9AAsSmTS61cd2EV7HaDL4cJKqw3:ONfIyrABaHV4YAwoBeImeJd2676DHa7B

Score

10^/10

icedid 2255569783 banker trojan

Malware Config

Extracted

Family

icedid

Campaign

2255569783

Targets

- Target
  
  RunDLL-1.bat
- Size
  
  27B
- MD5
  
  fe56021fdf990bbd7922f23124604fbb
- SHA1
  
  1f2b32b3d4820d3037ed8b60f1f59b9a4430937e
- SHA256
  
  cd00124e4f9c80290906da4c71a96cfb011e0e91ed93c0740bfa7ab9cdb03002
- SHA512
  
  de1e958a9791734211bcbe4ee4004c9475a8cbc3221b4cc0daa8283c832192896ae33e8ce043b7e65dca52628efd73e42095bf01a07dbb91ad056f5c3e2c5aae
Score

10^/10

icedid 2255569783 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2255569783bankertrojan

behavioral2

icedid2255569783bankertrojan