Overview

overview

10

Static

static

pasteBorder.dll

windows7_x64

10

pasteBorder.dll

windows10_x64

10

Resubmissions

04-05-2021 18:46

210504-q765esylze 10

04-05-2021 13:52

210504-hf6an9leje 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    pasteBorder.dll

  • Size

    337KB

  • Sample

    210504-q765esylze

  • MD5

    6ee6fcde80cbf4967885454cfcdf22a5

  • SHA1

    c3b771ed998a4363e9eb00996c651bc560138503

  • SHA256

    fa914c9914a9a663613c62467009adb9a283275863e0fd4a39b5e5e4f3a0f376

  • SHA512

    3d6c61836704e7302232f324c0b9d47f412f346baca0b84fe1a885662f41d8e5bc3369c3e5cab21c21106aebf5ea59653807d5461d145b1c2005466bdc0d804b

Score
10/10
icedid3042509645Photoloaderbankertrojan

Malware Config

Extracted

Family

icedid

Campaign

3042509645

C2

barcafokliresd.top

Targets

    • Target

      pasteBorder.dll

    • Size

      337KB

    • MD5

      6ee6fcde80cbf4967885454cfcdf22a5

    • SHA1

      c3b771ed998a4363e9eb00996c651bc560138503

    • SHA256

      fa914c9914a9a663613c62467009adb9a283275863e0fd4a39b5e5e4f3a0f376

    • SHA512

      3d6c61836704e7302232f324c0b9d47f412f346baca0b84fe1a885662f41d8e5bc3369c3e5cab21c21106aebf5ea59653807d5461d145b1c2005466bdc0d804b

    Score
    10/10
    icedid3042509645Photoloaderbankertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • PhotoLoader Payload

      IcedID downloder-Photloader.

      Photoloader
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks