icedid | fc170812c422b9c20767427cfe0bc278cdd2abdef581f1bfc4d1d1b1339b1e7c | Triage

Sharing

General

Target

JaffaCakes118_fc170812c422b9c20767427cfe0bc278cdd2abdef581f1bfc4d1d1b1339b1e7c
Size

534KB
Sample

241222-qgcxrayrds
MD5

3d4e55a4745a8682b08eefa18239bf76
SHA1

2fa2ae1bbb00d1ec202934b7f0ccbd3a977d90b5
SHA256

fc170812c422b9c20767427cfe0bc278cdd2abdef581f1bfc4d1d1b1339b1e7c
SHA512

c83a96c4f18b06ac6a608193d8312bbcabd132cae90a4bbb73c4832e06a6d7c9806e40c7caa604277406d670644877d2d2ab0d8f9e2385b746edb7589879da34
SSDEEP

12288:eSfYBh+z8zl6j+lMo0/BmkEg0w9wqL8iqKSI/YVG:eSwBhoAl6yOF83g0OLuPIgV

Score

10^/10

icedid 227378761 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

- Target
  
  JaffaCakes118_fc170812c422b9c20767427cfe0bc278cdd2abdef581f1bfc4d1d1b1339b1e7c
- Size
  
  534KB
- MD5
  
  3d4e55a4745a8682b08eefa18239bf76
- SHA1
  
  2fa2ae1bbb00d1ec202934b7f0ccbd3a977d90b5
- SHA256
  
  fc170812c422b9c20767427cfe0bc278cdd2abdef581f1bfc4d1d1b1339b1e7c
- SHA512
  
  c83a96c4f18b06ac6a608193d8312bbcabd132cae90a4bbb73c4832e06a6d7c9806e40c7caa604277406d670644877d2d2ab0d8f9e2385b746edb7589879da34
- SSDEEP
  
  12288:eSfYBh+z8zl6j+lMo0/BmkEg0w9wqL8iqKSI/YVG:eSwBhoAl6yOF83g0OLuPIgV
Score

10^/10

icedid 227378761 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid227378761bankerloadertrojan

behavioral2

icedid227378761bankerloadertrojan