Overview

overview

10

Static

static

606bcd4c30...be.exe

windows7_x64

10

606bcd4c30...be.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    147s
  • max time network
    45s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    17-04-2022 09:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe

  • Size

    340KB

  • MD5

    12c51d4a870f350f6337b5ca7a8ad6b3

  • SHA1

    0cbe6d48fc2ff7a97778dce3084b784466961570

  • SHA256

    606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe

  • SHA512

    3f2d125dabcf2d13358178f56cae2882c1409212e404c1e99f30d720bcb0ed7c46a4ae2bf0f0a57eb43c49a8bf4a48f39e28c9ae3cac241baed2801e83c93eb7

Score
10/10
icedidbankerloadertrojan

Malware Config

Extracted

Family

icedid

C2

middleposition.cyou

artsteerlingwheel.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 1 IoCs
    loader
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe
    "C:\Users\Admin\AppData\Local\Temp\606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:780

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/780-58-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-57-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-71-0x0000000000360000-0x0000000000366000-memory.dmp
    Filesize

    24KB

    Download
  • memory/780-70-0x0000000076531000-0x0000000076533000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-69-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-68-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-67-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-66-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-65-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-64-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-63-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-62-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-61-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-60-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-59-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download
  • memory/780-76-0x0000000000350000-0x0000000000352000-memory.dmp
    Filesize

    8KB

    Download