Triage | Malware sandboxing report by Hatching Triage

Sharing

General

Target

b52c0640957e5032b5160578f8cb99f9b066fde4f9431.dll
Size

258KB
Sample

210421-e14kya6b2s
MD5

2cbed069a079c2c57946e9cccb1f1f72
SHA1

18c4208d04d1b0a5d0e423cb60ca87fd64eabf80
SHA256

b52c0640957e5032b5160578f8cb99f9b066fde4f9431ee6869b2eea67338f28
SHA512

372cc5969492964dcbed070981b1fd443b53e1fbc23664f75bfa01ee96aefc733998ff9d586b8099f455a7f3546cfcf4190038a9dfeb54d94903d0f4beba84c4

Score

10^/10

icedid 3351099083 banker loader trojan

Malware Config

Extracted

Family	icedid
Campaign	3351099083
C2	vaclicinni.xyz vaclicinni.xyz

Targets

- Target
  
  b52c0640957e5032b5160578f8cb99f9b066fde4f9431.dll
- Size
  
  258KB
- MD5
  
  2cbed069a079c2c57946e9cccb1f1f72
- SHA1
  
  18c4208d04d1b0a5d0e423cb60ca87fd64eabf80
- SHA256
  
  b52c0640957e5032b5160578f8cb99f9b066fde4f9431ee6869b2eea67338f28
- SHA512
  
  372cc5969492964dcbed070981b1fd443b53e1fbc23664f75bfa01ee96aefc733998ff9d586b8099f455a7f3546cfcf4190038a9dfeb54d94903d0f4beba84c4
Score

10^/10

icedid 3351099083 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

Tasks

static1

behavioral1

icedid3351099083bankerloadertrojan

behavioral2

icedid3351099083bankerloadertrojan