Overview

overview

10

Static

static

51069AFE5B...3D.exe

windows7_x64

10

51069AFE5B...3D.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    139s
  • max time network
    156s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-en-20220113
  • submitted
    30-03-2022 02:29

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    51069AFE5B2C62522B68911C1DCF5BC0A089A76BC193D.exe

  • Size

    398KB

  • MD5

    9430f043ac5e73a47080c1dfbc4e829b

  • SHA1

    6dea51967ad0465286a63ed2885a332ec2addb15

  • SHA256

    51069afe5b2c62522b68911c1dcf5bc0a089a76bc193d05908faa60ba284109a

  • SHA512

    8491db08b94060ffc07873becf141e77667699c5c01cc35e4b492b4effe1e603fe55ede502be46e50c0803415f710c48ab9e70b6fbbacc103cc9a0fe960258a5

Score
10/10
icedid464168897bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

464168897

C2

demicdefinite.ink

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of SetWindowsHookEx 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\51069AFE5B2C62522B68911C1DCF5BC0A089A76BC193D.exe
    "C:\Users\Admin\AppData\Local\Temp\51069AFE5B2C62522B68911C1DCF5BC0A089A76BC193D.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of SetWindowsHookEx
    PID:4424

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/4424-130-0x0000027CFB050000-0x0000027CFB059000-memory.dmp

    Filesize

    36KB

    Download