icedid | 0ecca89b428fe89c9af8a661a71c8e5eab9873d76ff5b4191fbd94100d0e05bc | Triage

Submit
Reports

Overview

overview

Static

static

dart.dll

windows7_x64

dart.dll

windows10-2004_x64

Sharing

General

Target

dart.dll
Size

149KB
Sample

220321-1djw1aabdm
MD5

5a10673301a00d36c56e189d0ff3b6a5
SHA1

c90c05bc0413134e026038b9f55e3119de15e215
SHA256

0ecca89b428fe89c9af8a661a71c8e5eab9873d76ff5b4191fbd94100d0e05bc
SHA512

aa56193f93bd43e78a2af187c4458e92fc05c953d1e2e39a5576b577d1ae3fd1c4993c39b95956162f2f05badda61a9ed06c92abb0a6c3c214e1bcb97c03c23e

Score

10^/10

icedid 3546287305 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

dart.dll

Resource

win7-20220311-en

icedid 3546287305 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dart.dll

Resource

win10v2004-20220310-en

icedid 3546287305 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3546287305

C2

oceriesfornot.top

Targets

- Target
  
  dart.dll
- Size
  
  149KB
- MD5
  
  5a10673301a00d36c56e189d0ff3b6a5
- SHA1
  
  c90c05bc0413134e026038b9f55e3119de15e215
- SHA256
  
  0ecca89b428fe89c9af8a661a71c8e5eab9873d76ff5b4191fbd94100d0e05bc
- SHA512
  
  aa56193f93bd43e78a2af187c4458e92fc05c953d1e2e39a5576b577d1ae3fd1c4993c39b95956162f2f05badda61a9ed06c92abb0a6c3c214e1bcb97c03c23e
Score

10^/10

icedid 3546287305 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3546287305bankerloadersuricatatrojan

behavioral2

icedid3546287305bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy