Overview

overview

10

Static

static

8929982d9f...72.exe

windows7_x64

10

8929982d9f...72.exe

windows10_x64

10

Analysis

  • max time kernel
    13s
  • max time network
    112s
  • platform
    windows10_x64
  • resource
    win10v20201028
  • submitted
    09-11-2020 21:35

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    8929982d9f3d979174b880297e3fd2a81f359d6bf7ab0d47ec0207da8dfa7b72.exe

  • Size

    409KB

  • MD5

    1ab15c4f1e6d6ebb7ac973e65730ea47

  • SHA1

    66f368b0a24c30b3c89229e90c927d68a9670692

  • SHA256

    8929982d9f3d979174b880297e3fd2a81f359d6bf7ab0d47ec0207da8dfa7b72

  • SHA512

    b837fa6e727b45f1fe8aebab2ccd05ae1bdb396dfdb12894d2fe5773c1a84479386ac2243a760d0d1fae31420664124d128c15459ed4271cf57377c2fb2052ee

Score
10/10
icedidbankerloadertrojan

Malware Config

Extracted

Family

icedid

C2

boatliker.top

autofiller.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Core Payload 1 IoCs
  • IcedID Second Stage Loader 1 IoCs
    loader
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\8929982d9f3d979174b880297e3fd2a81f359d6bf7ab0d47ec0207da8dfa7b72.exe
    "C:\Users\Admin\AppData\Local\Temp\8929982d9f3d979174b880297e3fd2a81f359d6bf7ab0d47ec0207da8dfa7b72.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:944

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/944-0-0x0000000002260000-0x0000000002266000-memory.dmp

    Filesize

    24KB

    Download

  • memory/944-1-0x00000000033B0000-0x0000000003456000-memory.dmp

    Filesize

    664KB

    Download