Overview

overview

10

Static

static

SecuriteIn...39.dll

windows7_x64

10

SecuriteIn...39.dll

windows10_x64

10

Resubmissions

29-03-2021 10:14

210329-zjaegpc28e 10

28-03-2021 07:45

210328-rc9cek9xds 10

26-03-2021 19:45

210326-wqybt9nx3a 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    SecuriteInfo.com.Win64.Kryptik.CIR.26406.11439

  • Size

    468KB

  • Sample

    210328-rc9cek9xds

  • MD5

    dfb99863491fcf249a9fdae9ec822e55

  • SHA1

    70fa096fe85f7dfc1c4580130ded475734a3b1ed

  • SHA256

    799f6008de9c71104041da49c12c52a6eed9686165f0c0842cad5696cfda4c60

  • SHA512

    51292886250ebd34a0eb7510af5a922a3cc518b21a399fcbf585b446b66888f1a3620bcab33a77ae90fd5cf5d062dc1ccd086e012780539376ba5f87ae766925

Score
10/10
icedid1194461090Photoloaderbankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1194461090

C2

skolziko.uno

Targets

    • Target

      SecuriteInfo.com.Win64.Kryptik.CIR.26406.11439

    • Size

      468KB

    • MD5

      dfb99863491fcf249a9fdae9ec822e55

    • SHA1

      70fa096fe85f7dfc1c4580130ded475734a3b1ed

    • SHA256

      799f6008de9c71104041da49c12c52a6eed9686165f0c0842cad5696cfda4c60

    • SHA512

      51292886250ebd34a0eb7510af5a922a3cc518b21a399fcbf585b446b66888f1a3620bcab33a77ae90fd5cf5d062dc1ccd086e012780539376ba5f87ae766925

    Score
    10/10
    icedid1194461090Photoloaderbankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • IcedID First Stage Loader

      loader

    • PhotoLoader Payload

      IcedID downloder-Photloader.

      Photoloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks