icedid | e29f24366f2af07759225ce7f4e5b758e7c76e7b9ced3bdd28ef25cfd7946499 | Triage

Submit
Reports

Overview

overview

Static

static

095f52f43b...bc.exe

windows7_x64

095f52f43b...bc.exe

windows10_x64

Sharing

General

Target

095f52f43b002fce2a5aba3edd0212bc
Size

698KB
Sample

201117-l4291m9cma
MD5

fdffa71991e6f70f1cbed8dc1a6ba3f4
SHA1

34b4808f086901f8526a789a108273ca0124145f
SHA256

e29f24366f2af07759225ce7f4e5b758e7c76e7b9ced3bdd28ef25cfd7946499
SHA512

8d913162b0d7ce6e46a8b8b8bf6feeca9c3040523074ef89ccf4c932833f5319efff8679e75227aeb2cb3d5a578a61673c5f85c82ae1aeb4e65d1682ebe77585

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

095f52f43b002fce2a5aba3edd0212bc.exe

Resource

win7v20201028

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

095f52f43b002fce2a5aba3edd0212bc.exe

Resource

win10v20201028

icedid banker loader trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

kostacardsplayer.pro

kostafootball.info

countrylandlords.info

landiscloudlord.red

Targets

- Target
  
  095f52f43b002fce2a5aba3edd0212bc
- Size
  
  698KB
- MD5
  
  fdffa71991e6f70f1cbed8dc1a6ba3f4
- SHA1
  
  34b4808f086901f8526a789a108273ca0124145f
- SHA256
  
  e29f24366f2af07759225ce7f4e5b758e7c76e7b9ced3bdd28ef25cfd7946499
- SHA512
  
  8d913162b0d7ce6e46a8b8b8bf6feeca9c3040523074ef89ccf4c932833f5319efff8679e75227aeb2cb3d5a578a61673c5f85c82ae1aeb4e65d1682ebe77585
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy