icedid | 0df39d0e12024c1a464ca5eb3e1b0614721c7f4e28421dceebfc9dee7d12b421 | Triage

Submit
Reports

Overview

overview

Static

static

c5ba1ce043...ef.dll

windows7_x64

c5ba1ce043...ef.dll

windows10_x64

Sharing

General

Target

c5ba1ce043a78fa1c8850a2f471480ef.dll
Size

182KB
Sample

210505-k7ggwt4fsa
MD5

c5ba1ce043a78fa1c8850a2f471480ef
SHA1

463d4139c167ea7b6d8ca143e7a323f95315d86e
SHA256

0df39d0e12024c1a464ca5eb3e1b0614721c7f4e28421dceebfc9dee7d12b421
SHA512

437637b4e364358d18bf7774b253199821329c5b460a0c41ae43f764e2c26f68ace804d0c642e3f7cd0b5d314cda0b0dceeab81748c20ef6e4f6b9d7f21a0b1e

Score

10^/10

icedid 861670232 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

c5ba1ce043a78fa1c8850a2f471480ef.dll

Resource

win7v20210408

icedid 861670232 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c5ba1ce043a78fa1c8850a2f471480ef.dll

Resource

win10v20210410

icedid 861670232 banker loader trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

861670232

C2

provokordino.space

Targets

- Target
  
  c5ba1ce043a78fa1c8850a2f471480ef.dll
- Size
  
  182KB
- MD5
  
  c5ba1ce043a78fa1c8850a2f471480ef
- SHA1
  
  463d4139c167ea7b6d8ca143e7a323f95315d86e
- SHA256
  
  0df39d0e12024c1a464ca5eb3e1b0614721c7f4e28421dceebfc9dee7d12b421
- SHA512
  
  437637b4e364358d18bf7774b253199821329c5b460a0c41ae43f764e2c26f68ace804d0c642e3f7cd0b5d314cda0b0dceeab81748c20ef6e4f6b9d7f21a0b1e
Score

10^/10

icedid 861670232 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid861670232bankerloadertrojan

behavioral2

icedid861670232bankerloadertrojan

© 2018-2024

Terms | Privacy