icedid | a4f244ea588a4d55a542fe9c8fc6875d8b494acf7c2b970d420ff3a537f023cd | Triage

Analysis

max time kernel
63s
max time network
122s
platform
windows7_x64
resource
win7v20201028
submitted
11-11-2020 10:57

Sharing

Report Analysis Logs

General

Target

a4f244ea588a4d55a542fe9c8fc6875d8b494acf7c2b970d420ff3a537f023cd.exe
Size

325KB
MD5

a9fb0589c21012af1c70368b553204c3
SHA1

eeac24cda1f5767e7610a60c9d35b2d130ada3cb
SHA256

a4f244ea588a4d55a542fe9c8fc6875d8b494acf7c2b970d420ff3a537f023cd
SHA512

25bd5ec75f10fef1397e4479d38e9c023ef06016b397ef62e285bcdd03ddfd354e1e064d63cca5c940fa72c348766f82024667d8c90606c4fa06601c64e0ee8e

Score

10^/10

icedid banker trojan

Malware Config

Signatures

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

IcedID Core Payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1924-0-0x0000000003220000-0x00000000032C6000-memory.dmp	Icedid_core

C:\Users\Admin\AppData\Local\Temp\a4f244ea588a4d55a542fe9c8fc6875d8b494acf7c2b970d420ff3a537f023cd.exe
"C:\Users\Admin\AppData\Local\Temp\a4f244ea588a4d55a542fe9c8fc6875d8b494acf7c2b970d420ff3a537f023cd.exe"
1⤵
PID:1924

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1924-0-0x0000000003220000-0x00000000032C6000-memory.dmp

Filesize
664KB

Download