icedid | 8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f | Triage

Analysis

max time kernel
128s
max time network
130s
platform
windows7_x64
resource
win7v20201028
submitted
15-11-2020 23:04

Sharing

Report Analysis Logs

General

Target

8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe
Size

325KB
MD5

c1b3ab21e5cc5de7a187772374f3c051
SHA1

0b7bcf6b9c0f4b1d6c01f606e61c53a736bcccb2
SHA256

8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f
SHA512

0a9c44fbac0a68e969467090727ee2846ea850df02603b9468a9353ff28119fc31108df2a9d8d3bcd8f3726ad16cbf233d9b9543205a4e441f84da9e02c61c53

Score

10^/10

icedid banker trojan

Malware Config

Signatures

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

IcedID Core Payload 1 IoCs

Processes:

resource	yara_rule
behavioral1/memory/1068-0-0x0000000003090000-0x0000000003136000-memory.dmp	Icedid_core

C:\Users\Admin\AppData\Local\Temp\8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe
"C:\Users\Admin\AppData\Local\Temp\8e61175164c6a7c3f4fcd372f11f8d19189448b3adad332429823a4ad2d1d92f.exe"
1⤵
PID:1068

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/1068-0-0x0000000003090000-0x0000000003136000-memory.dmp

Filesize
664KB

Download