icedid | 07dc8e1f3fb41eab6c9da870442d4fb31b12a90cd988103734dcd6b5fd86c3df | Triage

Sharing

General

Target

afd56eb241a34afd74813a114b6d875c.bin
Size

108KB
Sample

230217-b1j3vadb73
MD5

78244f29cca7c102547ae9b8639ef7db
SHA1

e6650919a41636888deff7d7e11538b4f7dda0ac
SHA256

07dc8e1f3fb41eab6c9da870442d4fb31b12a90cd988103734dcd6b5fd86c3df
SHA512

7e981d42143016901990cd4309b67dc9b3373de2d2282f49604131f3f2fadeac4dbbbaa3c6156eef53852e4e352db382ff05df2f89215c6f9679159a66bc8d69
SSDEEP

1536:nMVWNdw9SJsB7Ia3+MoAK6GXt8usCLlwM+GlwRc6rFBg4iHd6huvT4k:nMYP9JsFZ+qTGXt8mn+gqcyqd6hJk

Score

10^/10

icedid 2076641214 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2076641214

C2

alishabrindeader.com

Targets

- Target
  
  Setup_Win_15-02-2023_18-31-39.exe
- Size
  
  708.3MB
- MD5
  
  732e9dd4f59940c7305b42be3bf6dee6
- SHA1
  
  d3ac1b871007f572c439fdede13c42b30c082abb
- SHA256
  
  17ecd92abf803b1d922eb945205e0e5d65a9de44e2547325fb658c13d3f8337d
- SHA512
  
  5d54cfafafdbbcfeeb04e163f061c7dc1b835d2730991e27716770bc2ac6df34ebc82aaff69dfc40d03a10af63b84cc58a2c2588f9907b8c40b03b7076bd7100
- SSDEEP
  
  3072:ibRlETFNpVR3utDFr0IiYimbUAEG6aOyYYNqGHY7MZa2LaE60DVgxxPs:0Cdei1aUA16ajKMzok
Score

10^/10

icedid 2076641214 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid2076641214bankerloadertrojan

behavioral2

icedid2076641214bankerloadertrojan