Overview

overview

10

Static

static

497f9dee8e...1a.dll

windows7_x64

10

497f9dee8e...1a.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    497f9dee8e9f1173fb3c7e8eefef481a.dll

  • Size

    251KB

  • Sample

    211202-mky3lsefgl

  • MD5

    497f9dee8e9f1173fb3c7e8eefef481a

  • SHA1

    7839bdd7bc6e044c6c8976bd5656aecf372d8d44

  • SHA256

    4598385c4816cef9ef9a6c8b98a7b9983de334fcc932e733b05dcc788e66f358

  • SHA512

    e00866173afded226ad9e0d247caf5817f188ef73b9bb825daccc6aeeee314c47944c61d911aaa8aa1c5ff49d0f1c4517f74002d86f56fe44d44ed0a279b8ecf

Score
10/10
icedid1892568649bankersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

1892568649

C2

normyils.com

Targets

    • Target

      497f9dee8e9f1173fb3c7e8eefef481a.dll

    • Size

      251KB

    • MD5

      497f9dee8e9f1173fb3c7e8eefef481a

    • SHA1

      7839bdd7bc6e044c6c8976bd5656aecf372d8d44

    • SHA256

      4598385c4816cef9ef9a6c8b98a7b9983de334fcc932e733b05dcc788e66f358

    • SHA512

      e00866173afded226ad9e0d247caf5817f188ef73b9bb825daccc6aeeee314c47944c61d911aaa8aa1c5ff49d0f1c4517f74002d86f56fe44d44ed0a279b8ecf

    Score
    10/10
    icedid1892568649bankersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks