icedid | 2ea621a9f9c8451d0773fd5a3d9f92332cd73ec8d26785e5c85ba4bf8ee9c384 | Triage

Sharing

General

Target

JaffaCakes118_2ea621a9f9c8451d0773fd5a3d9f92332cd73ec8d26785e5c85ba4bf8ee9c384
Size

490KB
Sample

241222-lxy3pstlet
MD5

c0e0d800ef43d4a6ad28ba0fc4545204
SHA1

c1cda81c3d704c7d73bd0aaaaf8a7ffd5cae9a06
SHA256

2ea621a9f9c8451d0773fd5a3d9f92332cd73ec8d26785e5c85ba4bf8ee9c384
SHA512

06c417669917f6da3e1eb430a8ab7c0548efda4b8dab6c87088a6ee93a6d14873d17b351b2077974aefaaabed9f7574122cd8e082e99d720904faf65abc0d57d
SSDEEP

12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRK:knmj6xK1y3Ik6TZGRK

Score

10^/10

icedid 3467965077 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3467965077

C2

firenicatrible.com

Targets

- Target
  
  JaffaCakes118_2ea621a9f9c8451d0773fd5a3d9f92332cd73ec8d26785e5c85ba4bf8ee9c384
- Size
  
  490KB
- MD5
  
  c0e0d800ef43d4a6ad28ba0fc4545204
- SHA1
  
  c1cda81c3d704c7d73bd0aaaaf8a7ffd5cae9a06
- SHA256
  
  2ea621a9f9c8451d0773fd5a3d9f92332cd73ec8d26785e5c85ba4bf8ee9c384
- SHA512
  
  06c417669917f6da3e1eb430a8ab7c0548efda4b8dab6c87088a6ee93a6d14873d17b351b2077974aefaaabed9f7574122cd8e082e99d720904faf65abc0d57d
- SSDEEP
  
  12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRK:knmj6xK1y3Ik6TZGRK
Score

10^/10

icedid 3467965077 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3467965077bankerloadertrojan

behavioral2

icedid3467965077bankerloadertrojan