icedid | 98b3471ac865e7cc6cc5712ab0db76c476fd861828267284a6aa40c802737b2e | Triage

Submit
Reports

Overview

overview

Static

static

crypted_lo..._3.dll

windows7_x64

crypted_lo..._3.dll

windows10-2004_x64

Sharing

General

Target

crypted_loader_dll_64Donat_3.dll
Size

148KB
Sample

220323-bhhgashefn
MD5

9441c0354b8f4d484019621afb3036ad
SHA1

36a1361c0685f43dbe11153fbae925fc6d048dcc
SHA256

98b3471ac865e7cc6cc5712ab0db76c476fd861828267284a6aa40c802737b2e
SHA512

8d1bd9eb6065b4320bcc2477249a91bed6f96f6cfd8bc632e90fd4f23b9b3d902333c3707ae294b7fb7c237db95e67f238404ad28bf730fdf186c809b576c6cc

Score

10^/10

icedid 1832122140 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

crypted_loader_dll_64Donat_3.dll

Resource

win7-20220310-en

icedid 1832122140 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

crypted_loader_dll_64Donat_3.dll

Resource

win10v2004-20220310-en

icedid 1832122140 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

1832122140

C2

rivertimad.com

Targets

- Target
  
  crypted_loader_dll_64Donat_3.dll
- Size
  
  148KB
- MD5
  
  9441c0354b8f4d484019621afb3036ad
- SHA1
  
  36a1361c0685f43dbe11153fbae925fc6d048dcc
- SHA256
  
  98b3471ac865e7cc6cc5712ab0db76c476fd861828267284a6aa40c802737b2e
- SHA512
  
  8d1bd9eb6065b4320bcc2477249a91bed6f96f6cfd8bc632e90fd4f23b9b3d902333c3707ae294b7fb7c237db95e67f238404ad28bf730fdf186c809b576c6cc
Score

10^/10

icedid 1832122140 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1832122140bankerloadersuricatatrojan

behavioral2

icedid1832122140bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy