icedid | 6302f08805736a80b939c7b4e226bc7c0201c8ea567f0aaa5ac058c87c6c829f | Triage

Sharing

General

Target

6302f08805736a80b939c7b4e226bc7c0201c8ea567f0aaa5ac058c87c6c829f.exe
Size

671KB
Sample

240819-f4e1hszdql
MD5

0d39f2d793cf4c44d27d10dd53bf8b25
SHA1

54435ecd9efad8ac9d8938668487877136bbfbf8
SHA256

6302f08805736a80b939c7b4e226bc7c0201c8ea567f0aaa5ac058c87c6c829f
SHA512

42d88ee9adb8bad2c3e1651681e2111555a4f61781587c340295f29715905c1b76b0ee0ed37e281817cbdc655a62ee38bb1ee88081705cf1ddba47899598f731
SSDEEP

12288:4ormUG1wwQS2ijcSBC6nTSYkFzGC9055EnY/WAlibW4pBMLbN9vbu42oGHvAPIdI:4NUkQ5CTSYkFX9o5EnWllibZpBMvN5b3

Score

10^/10

icedid 1060798742 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1060798742

C2

carismorth.com

Targets

- Target
  
  6302f08805736a80b939c7b4e226bc7c0201c8ea567f0aaa5ac058c87c6c829f.exe
- Size
  
  671KB
- MD5
  
  0d39f2d793cf4c44d27d10dd53bf8b25
- SHA1
  
  54435ecd9efad8ac9d8938668487877136bbfbf8
- SHA256
  
  6302f08805736a80b939c7b4e226bc7c0201c8ea567f0aaa5ac058c87c6c829f
- SHA512
  
  42d88ee9adb8bad2c3e1651681e2111555a4f61781587c340295f29715905c1b76b0ee0ed37e281817cbdc655a62ee38bb1ee88081705cf1ddba47899598f731
- SSDEEP
  
  12288:4ormUG1wwQS2ijcSBC6nTSYkFzGC9055EnY/WAlibW4pBMLbN9vbu42oGHvAPIdI:4NUkQ5CTSYkFX9o5EnWllibZpBMvN5b3
Score

10^/10

icedid 1060798742 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1060798742bankerloadertrojan

behavioral2

icedid1060798742bankerloadertrojan