icedid | 07dc8e1f3fb41eab6c9da870442d4fb31b12a90cd988103734dcd6b5fd86c3df | Triage

Sharing

General

Target

afd56eb241a34afd74813a114b6d875c.bin
Size

108KB
Sample

230217-b1j3vadb73
MD5

78244f29cca7c102547ae9b8639ef7db
SHA1

e6650919a41636888deff7d7e11538b4f7dda0ac
SHA256

07dc8e1f3fb41eab6c9da870442d4fb31b12a90cd988103734dcd6b5fd86c3df
SHA512

7e981d42143016901990cd4309b67dc9b3373de2d2282f49604131f3f2fadeac4dbbbaa3c6156eef53852e4e352db382ff05df2f89215c6f9679159a66bc8d69
SSDEEP

1536:nMVWNdw9SJsB7Ia3+MoAK6GXt8usCLlwM+GlwRc6rFBg4iHd6huvT4k:nMYP9JsFZ+qTGXt8mn+gqcyqd6hJk

Score

10^/10

icedid 2076641214 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

2076641214

C2

alishabrindeader.com

Targets

- Target
  
  Setup_Win_15-02-2023_18-31-39.exe
- Size
  
  708.3MB
- MD5
  
  732e9dd4f59940c7305b42be3bf6dee6
- SHA1
  
  d3ac1b871007f572c439fdede13c42b30c082abb
- SHA256
  
  17ecd92abf803b1d922eb945205e0e5d65a9de44e2547325fb658c13d3f8337d
- SHA512
  
  5d54cfafafdbbcfeeb04e163f061c7dc1b835d2730991e27716770bc2ac6df34ebc82aaff69dfc40d03a10af63b84cc58a2c2588f9907b8c40b03b7076bd7100
- SSDEEP
  
  3072:ibRlETFNpVR3utDFr0IiYimbUAEG6aOyYYNqGHY7MZa2LaE60DVgxxPs:0Cdei1aUA16ajKMzok
Score

10^/10

icedid 2076641214 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid2076641214bankerloadertrojan

behavioral2

icedid2076641214bankerloadertrojan