icedid | 65b208943d8cf82af902c39400bdd7a26fdbc94c23f9d4494cf0a2ca51233213 | Triage

Submit
Reports

Overview

overview

Static

static

8

Мобіл...р.xls

windows7_x64

Мобіл...р.xls

windows10-2004_x64

Sharing

General

Target

Мобілізаційний реєстр.xls
Size

32KB
Sample

220414-ltbs1aahgp
MD5

9f33887a8e76c246753e71b896a904b3
SHA1

19fa96a6d69146fceef3f3804cd978ec24adb3eb
SHA256

65b208943d8cf82af902c39400bdd7a26fdbc94c23f9d4494cf0a2ca51233213
SHA512

a3a37f55c185aafeb728335ab54c378adbc5e1a11a3079f3af7d16f4e5635d183017d6fa1eb22f706df2eabaf6fc3864259ef51422b3e392843d2825ebe358e0

Score

10^/10

icedid 2352744503 banker loader macro macro_on_action trojan

Static task

static1

macro macro_on_action

Behavioral task

behavioral1

Sample

Мобілізаційний реєстр.xls

Resource

win7-20220311-en

icedid 2352744503 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

Мобілізаційний реєстр.xls

Resource

win10v2004-20220310-en

icedid 2352744503 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

2352744503

C2

rivertimad.com

Targets

- Target
  
  Мобілізаційний реєстр.xls
- Size
  
  32KB
- MD5
  
  9f33887a8e76c246753e71b896a904b3
- SHA1
  
  19fa96a6d69146fceef3f3804cd978ec24adb3eb
- SHA256
  
  65b208943d8cf82af902c39400bdd7a26fdbc94c23f9d4494cf0a2ca51233213
- SHA512
  
  a3a37f55c185aafeb728335ab54c378adbc5e1a11a3079f3af7d16f4e5635d183017d6fa1eb22f706df2eabaf6fc3864259ef51422b3e392843d2825ebe358e0
Score

10^/10

icedid 2352744503 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Downloads MZ/PE file
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

macromacro_on_action

behavioral1

icedid2352744503bankerloadertrojan

behavioral2

icedid2352744503bankerloadertrojan

© 2018-2024

Terms | Privacy