icedid | 9385db8c3d2cfa98e87d97dbce2df036d3ac2c4d797930f6d400db5b1d4028ec | Triage

Submit
Reports

Overview

overview

Static

static

powPowLike.jpg.dll

windows7_x64

powPowLike.jpg.dll

windows10_x64

Sharing

General

Target

powPowLike.jpg.dll
Size

251KB
Sample

211201-1yfp3sgdam
MD5

66c83dab8a955502e979e0ba02c98cf9
SHA1

efb731305004457cf3f2698a260d96c784a22adb
SHA256

9385db8c3d2cfa98e87d97dbce2df036d3ac2c4d797930f6d400db5b1d4028ec
SHA512

e610bf7febfe90191919060dee9a1a2fc0dd1894ea569a9e3a9c4f9ae9c5d6d3eee65c949a587545dddcd84664dfd8f8df482611e3f9540efebffc5ba5afd7a7

Score

10^/10

icedid 1892568649 banker suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

powPowLike.jpg.dll

Resource

win7-en-20211014

icedid 1892568649 banker suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

powPowLike.jpg.dll

Resource

win10-en-20211014

icedid 1892568649 banker suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

- Target
  
  powPowLike.jpg.dll
- Size
  
  251KB
- MD5
  
  66c83dab8a955502e979e0ba02c98cf9
- SHA1
  
  efb731305004457cf3f2698a260d96c784a22adb
- SHA256
  
  9385db8c3d2cfa98e87d97dbce2df036d3ac2c4d797930f6d400db5b1d4028ec
- SHA512
  
  e610bf7febfe90191919060dee9a1a2fc0dd1894ea569a9e3a9c4f9ae9c5d6d3eee65c949a587545dddcd84664dfd8f8df482611e3f9540efebffc5ba5afd7a7
Score

10^/10

icedid 1892568649 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1892568649bankersuricatatrojan

behavioral2

icedid1892568649bankersuricatatrojan

© 2018-2024

Terms | Privacy