icedid | f69527775e7d7c4d50efbe080f6ccf0aba0fba96ddbe96403f8b00fe2a1ee11c | Triage

Submit
Reports

Overview

overview

Static

static

3

d2d2a0e222...0N.exe

windows7-x64

d2d2a0e222...0N.exe

windows10-2004-x64

Sharing

General

Target

d2d2a0e222cdc86c64a9a761c2fed580N
Size

638KB
Sample

240913-x25a3avbmg
MD5

d2d2a0e222cdc86c64a9a761c2fed580
SHA1

1e8907cce7a08fe3a7105515cc12160b4084fba2
SHA256

f69527775e7d7c4d50efbe080f6ccf0aba0fba96ddbe96403f8b00fe2a1ee11c
SHA512

9d23a9d18b2dcc465f734756ce35d6046cfa3e85eca54a59d9d028e81ca48e65127587d90f86cfdff1410a3263ff804f12c46f013484fc02e8b3f09152ffd053
SSDEEP

6144:1j6rqZeZ6ryI8yG4B0ZwNJ6eXSYmQE/JNpARuEk7OeZS22aQZnLd8ZenJ:1+qZeZwyILgZi6YZmX/JHzZpQZf

Score

10^/10

icedid 146076989 banker discovery loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

d2d2a0e222cdc86c64a9a761c2fed580N.exe

Resource

win7-20240903-en

icedid 146076989 banker discovery loader trojan

windows7-x64

4 signatures

120 seconds

Behavioral task

behavioral2

Sample

d2d2a0e222cdc86c64a9a761c2fed580N.exe

Resource

win10v2004-20240802-en

icedid 146076989 banker discovery loader trojan

windows10-2004-x64

4 signatures

120 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

146076989

C2

kostacardsplayer.pro

kostafootball.info

countrylandlords.info

landiscloudlord.red

Attributes

auth_var
1
url_path
/index.php

Targets

- Target
  
  d2d2a0e222cdc86c64a9a761c2fed580N
- Size
  
  638KB
- MD5
  
  d2d2a0e222cdc86c64a9a761c2fed580
- SHA1
  
  1e8907cce7a08fe3a7105515cc12160b4084fba2
- SHA256
  
  f69527775e7d7c4d50efbe080f6ccf0aba0fba96ddbe96403f8b00fe2a1ee11c
- SHA512
  
  9d23a9d18b2dcc465f734756ce35d6046cfa3e85eca54a59d9d028e81ca48e65127587d90f86cfdff1410a3263ff804f12c46f013484fc02e8b3f09152ffd053
- SSDEEP
  
  6144:1j6rqZeZ6ryI8yG4B0ZwNJ6eXSYmQE/JNpARuEk7OeZS22aQZnLd8ZenJ:1+qZeZwyILgZi6YZmX/JHzZpQZf
Score

10^/10

icedid 146076989 banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid146076989bankerdiscoveryloadertrojan

behavioral2

icedid146076989bankerdiscoveryloadertrojan

© 2018-2025

Terms | Privacy