Overview

overview

10

Static

static

mal_0.bin.dll

windows7_x64

10

mal_0.bin.dll

windows10_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    mal_0.bin

  • Size

    179KB

  • Sample

    220103-sbx2vabde7

  • MD5

    11b28ecbd7ade350eee6d25b6fae707c

  • SHA1

    10e85bf7c61223f43d0d2fdebd4c5a35a5156539

  • SHA256

    8578d45fd02aceddc838ff94e21b10a29deb3e2cc92099c9b54802504c88a56a

  • SHA512

    6b27ec9dd3c0dbeae2b14ad927a09f8c6347b2c29ff675859e1a42723b077a8f840d74a292008aa037bc4759350e0f6c5deff7962809847fd1bdcd1041873d97

Score
10/10
icedid2507181075bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

2507181075

C2

vopnoz.com

Targets

    • Target

      mal_0.bin

    • Size

      179KB

    • MD5

      11b28ecbd7ade350eee6d25b6fae707c

    • SHA1

      10e85bf7c61223f43d0d2fdebd4c5a35a5156539

    • SHA256

      8578d45fd02aceddc838ff94e21b10a29deb3e2cc92099c9b54802504c88a56a

    • SHA512

      6b27ec9dd3c0dbeae2b14ad927a09f8c6347b2c29ff675859e1a42723b077a8f840d74a292008aa037bc4759350e0f6c5deff7962809847fd1bdcd1041873d97

    Score
    10/10
    icedid2507181075bankertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Suspicious use of NtCreateProcessExOtherParentProcess

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks