icedid | 2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b | Triage

Sharing

General

Target

2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b
Size

169KB
Sample

240410-l4p4dabg52
MD5

81fc38de5b6197c4db58eb506037e7cb
SHA1

c2258ab3204e6061d548df202c99aa361242d848
SHA256

2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b
SHA512

4c96e9104e55454e741a13be34a7c5a3afb8d0d17c1924d629acbd487975d88d4435fd46b34649defe2d047ff4c84e06c4a0d0176085c7b5ab4d80eed18b0d9a
SSDEEP

3072:PcP8DY7QvQMXI/zCMAo14+X0cmPfGMdC+htVenbE:0rISTEZRCG6nbE

Score

10^/10

icedid 1875681804 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1875681804

C2

enticationmetho.ink

Targets

- Target
  
  2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b
- Size
  
  169KB
- MD5
  
  81fc38de5b6197c4db58eb506037e7cb
- SHA1
  
  c2258ab3204e6061d548df202c99aa361242d848
- SHA256
  
  2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b
- SHA512
  
  4c96e9104e55454e741a13be34a7c5a3afb8d0d17c1924d629acbd487975d88d4435fd46b34649defe2d047ff4c84e06c4a0d0176085c7b5ab4d80eed18b0d9a
- SSDEEP
  
  3072:PcP8DY7QvQMXI/zCMAo14+X0cmPfGMdC+htVenbE:0rISTEZRCG6nbE
Score

10^/10

icedid 1875681804 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid1875681804bankerloadertrojan

behavioral2

icedid1875681804bankerloadertrojan