icedid | 0d0aa6e0ed6ac3b1e20d49f7f94c91021a3a0be0b8825a78482f0d325e7a5bb2 | Triage

Sharing

General

Target

JaffaCakes118_0d0aa6e0ed6ac3b1e20d49f7f94c91021a3a0be0b8825a78482f0d325e7a5bb2
Size

490KB
Sample

241222-jksdaaznbl
MD5

540ba8bdce511f06d2bcbb3b755f8b08
SHA1

c07035c9143b1b62b63fd79d3be4326d5576dba6
SHA256

0d0aa6e0ed6ac3b1e20d49f7f94c91021a3a0be0b8825a78482f0d325e7a5bb2
SHA512

ada376673684f6562d75794479bc7c6f4cdb95f346657c03dc852178a32d666f2b384df7137f4e516e11f06c218c243b6239160e4edd4fad7aa6d9b0d3c92944
SSDEEP

12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRj:knmj6xK1y3Ik6TZGRj

Score

10^/10

icedid 3467965077 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3467965077

C2

firenicatrible.com

Targets

- Target
  
  JaffaCakes118_0d0aa6e0ed6ac3b1e20d49f7f94c91021a3a0be0b8825a78482f0d325e7a5bb2
- Size
  
  490KB
- MD5
  
  540ba8bdce511f06d2bcbb3b755f8b08
- SHA1
  
  c07035c9143b1b62b63fd79d3be4326d5576dba6
- SHA256
  
  0d0aa6e0ed6ac3b1e20d49f7f94c91021a3a0be0b8825a78482f0d325e7a5bb2
- SHA512
  
  ada376673684f6562d75794479bc7c6f4cdb95f346657c03dc852178a32d666f2b384df7137f4e516e11f06c218c243b6239160e4edd4fad7aa6d9b0d3c92944
- SSDEEP
  
  12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRj:knmj6xK1y3Ik6TZGRj
Score

10^/10

icedid 3467965077 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3467965077bankerloadertrojan

behavioral2

icedid3467965077bankerloadertrojan