Resubmissions

30-06-2021 12:57

210630-ynxjq2av6e 10

30-03-2021 15:10

210330-kch6ynzec2 1

General

  • Target

    suit_32.tmp

  • Size

    62KB

  • Sample

    210630-ynxjq2av6e

  • MD5

    effe9404dd05910398cc62b9920bb658

  • SHA1

    e0dd75e65ca7c37593ae3d938637c5f083402550

  • SHA256

    b8502cc6fd41a558012e7ccd0a7f4e0ed5746bf106b8bf5b6a27ef9cba18a9e3

  • SHA512

    1d9e77d40b965431081c42e11b01d7b86ce767960a1e030dd32ef8fde1e41cc7a36804741a6e341e96461f884eb7dbb68b909c6d634178c768c4610598012188

Malware Config

Extracted

Family

icedid

Botnet

3284564991

C2

twotoiletsr.space

dedupomoshi.space

lapoedjkeo.top

kawepotriv.space

Attributes

  • auth_var

    6

  • url_path

    /news/

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
