icedid | 433916382658909eddfca653bb6e6b951a7fec66020b205590a88883ad04d65e | Triage

Sharing

General

Target

5075e3a2ac31a24a7e702a9c874f6282_JaffaCakes118
Size

142KB
Sample

240729-s96rmswall
MD5

5075e3a2ac31a24a7e702a9c874f6282
SHA1

e5b8c76e5dd399ddda7b0e90f8e437844cdd0634
SHA256

433916382658909eddfca653bb6e6b951a7fec66020b205590a88883ad04d65e
SHA512

0193070874e3e6f64ac698407cc00667fd0e7a5a4bca32c4b54f38c4e25bece5314bf57c83fa9fe18e7c32273ffccfa08295188997d6b33f775fce62b9789714
SSDEEP

3072:YF+XutWYJ5mGCOdaurghr0cd1Pc/vyoS6OVXubST5DzBfO0r:OzoYaukl6io9O6Sl/

Score

10^/10

icedid banker discovery loader trojan

Malware Config

Extracted

Family

icedid

Targets

- Target
  
  5075e3a2ac31a24a7e702a9c874f6282_JaffaCakes118
- Size
  
  142KB
- MD5
  
  5075e3a2ac31a24a7e702a9c874f6282
- SHA1
  
  e5b8c76e5dd399ddda7b0e90f8e437844cdd0634
- SHA256
  
  433916382658909eddfca653bb6e6b951a7fec66020b205590a88883ad04d65e
- SHA512
  
  0193070874e3e6f64ac698407cc00667fd0e7a5a4bca32c4b54f38c4e25bece5314bf57c83fa9fe18e7c32273ffccfa08295188997d6b33f775fce62b9789714
- SSDEEP
  
  3072:YF+XutWYJ5mGCOdaurghr0cd1Pc/vyoS6OVXubST5DzBfO0r:OzoYaukl6io9O6Sl/
Score

10^/10

icedid banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerdiscoveryloadertrojan

behavioral2

icedidbankerdiscoveryloadertrojan