icedid | 39238c2728a4f6af81b57e38456aa1f9efc8c19ad0e8fbd2f3bad803dd1b75e1 | Triage

Submit
Reports

Overview

overview

Static

static

Betweenwhere.dat.dll

windows7_x64

Betweenwhere.dat.dll

windows10_x64

Sharing

General

Target

Betweenwhere.dat
Size

192KB
Sample

201207-nan56fepw2
MD5

2bdd2d1c6ed7d949cb03914f3c265f17
SHA1

51176cc43d7d733a0a13ac5072b7283f308bb4af
SHA256

39238c2728a4f6af81b57e38456aa1f9efc8c19ad0e8fbd2f3bad803dd1b75e1
SHA512

8d9076795747f39b66dcaff1bee0cc466b24edc93a3e1f426f80ccd615a96afc45b5eb4815b28d19f89115382a63eba71cdc37e590575115f6c940ee631655c1

Score

10^/10

icedid banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

Betweenwhere.dat.dll

Resource

win7v20201028

icedid banker trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Betweenwhere.dat.dll

Resource

win10v20201028

icedid banker trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  Betweenwhere.dat
- Size
  
  192KB
- MD5
  
  2bdd2d1c6ed7d949cb03914f3c265f17
- SHA1
  
  51176cc43d7d733a0a13ac5072b7283f308bb4af
- SHA256
  
  39238c2728a4f6af81b57e38456aa1f9efc8c19ad0e8fbd2f3bad803dd1b75e1
- SHA512
  
  8d9076795747f39b66dcaff1bee0cc466b24edc93a3e1f426f80ccd615a96afc45b5eb4815b28d19f89115382a63eba71cdc37e590575115f6c940ee631655c1
Score

10^/10

icedid banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Core Payload
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankertrojan

behavioral2

icedidbankertrojan

© 2018-2024

Terms | Privacy