Overview

overview

10

Static

static

dowNext.jpg.dll

windows7_x64

10

dowNext.jpg.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    dowNext.jpg

  • Size

    251KB

  • Sample

    211202-dt7axadgf6

  • MD5

    f131b3a241c3d48e7fa410c61ea52436

  • SHA1

    72203715f45b8a89f4f6f7b184a0a2adbf752d7f

  • SHA256

    d54a870ba5656c5d3ddfab5f7f325c2fb8ee256b25e2872847c5ff244bc6ee6e

  • SHA512

    6f92c548c8bd2154e66b00a2bc315cc50d92a3140bb9cf9b6606f60ad0215e9c48fd3b7e0f5f7c677d00951379f7af411dbf511c2560a62097313d88160bd573

Score
10/10
icedid1892568649bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

    • Target

      dowNext.jpg

    • Size

      251KB

    • MD5

      f131b3a241c3d48e7fa410c61ea52436

    • SHA1

      72203715f45b8a89f4f6f7b184a0a2adbf752d7f

    • SHA256

      d54a870ba5656c5d3ddfab5f7f325c2fb8ee256b25e2872847c5ff244bc6ee6e

    • SHA512

      6f92c548c8bd2154e66b00a2bc315cc50d92a3140bb9cf9b6606f60ad0215e9c48fd3b7e0f5f7c677d00951379f7af411dbf511c2560a62097313d88160bd573

    Score
    10/10
    icedid1892568649bankertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks