icedid | d2ddddc9aecf6d0b012c4a4434f3487e3ec3ac0c81f95f4e7595ffa7e8c30eb8 | Triage

Sharing

General

Target

JaffaCakes118_d2ddddc9aecf6d0b012c4a4434f3487e3ec3ac0c81f95f4e7595ffa7e8c30eb8
Size

490KB
Sample

241223-x2kxesykhq
MD5

eb9664abd8eb0d215ab2dfef0df05693
SHA1

381ba09dd102e5111f60493ff4e74acacce5188d
SHA256

d2ddddc9aecf6d0b012c4a4434f3487e3ec3ac0c81f95f4e7595ffa7e8c30eb8
SHA512

3b387ede50149ff457fae9e43b64c6a5e963016884a31c854329a717dc700c5fba8debb9a6d7501f7bef8f85564e63c59ef9ef125f541b7fb38adb9ca6b2f3c7
SSDEEP

12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRH:knmj6xK1y3Ik6TZGRH

Score

10^/10

icedid 3467965077 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

3467965077

C2

firenicatrible.com

Targets

- Target
  
  JaffaCakes118_d2ddddc9aecf6d0b012c4a4434f3487e3ec3ac0c81f95f4e7595ffa7e8c30eb8
- Size
  
  490KB
- MD5
  
  eb9664abd8eb0d215ab2dfef0df05693
- SHA1
  
  381ba09dd102e5111f60493ff4e74acacce5188d
- SHA256
  
  d2ddddc9aecf6d0b012c4a4434f3487e3ec3ac0c81f95f4e7595ffa7e8c30eb8
- SHA512
  
  3b387ede50149ff457fae9e43b64c6a5e963016884a31c854329a717dc700c5fba8debb9a6d7501f7bef8f85564e63c59ef9ef125f541b7fb38adb9ca6b2f3c7
- SSDEEP
  
  12288:mFnmEQb6xK6EOcEELeBdUDBBe6pLtzPhGHUaRH:knmj6xK1y3Ik6TZGRH
Score

10^/10

icedid 3467965077 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3467965077bankerloadertrojan

behavioral2

icedid3467965077bankerloadertrojan