Overview

overview

10

Static

static

sQZBxhnIARzL.dll

windows7_x64

10

sQZBxhnIARzL.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sQZBxhnIARzL.bin

  • Size

    815KB

  • Sample

    220216-rdw2wsdaem

  • MD5

    d6061fb5857cd3646ab5082d81083159

  • SHA1

    dde45c4cf587f388412b1e258dec4e6c13898b9a

  • SHA256

    590e621d86f4f25ae51462ad9742d90541f88887d39717cf362c1c925a09a838

  • SHA512

    4d93e24c853e5e3547e7abae34e6df3f576bb512295375408a1684e845b4223bf5fb0d3f401387ec36ee0cc779f1fa4ca001f6f5c84028e7716f5ce2fdf2009c

Score
10/10
icedid3417632220bankersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

3417632220

Targets

    • Target

      sQZBxhnIARzL.bin

    • Size

      815KB

    • MD5

      d6061fb5857cd3646ab5082d81083159

    • SHA1

      dde45c4cf587f388412b1e258dec4e6c13898b9a

    • SHA256

      590e621d86f4f25ae51462ad9742d90541f88887d39717cf362c1c925a09a838

    • SHA512

      4d93e24c853e5e3547e7abae34e6df3f576bb512295375408a1684e845b4223bf5fb0d3f401387ec36ee0cc779f1fa4ca001f6f5c84028e7716f5ce2fdf2009c

    Score
    10/10
    icedid3417632220bankersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata
    behavioral1behavioral2

MITRE ATT&CK Enterprise v6

Tasks