Overview

overview

10

Static

static

606bcd4c30...be.exe

windows7_x64

10

606bcd4c30...be.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    148s
  • max time network
    172s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    17-04-2022 09:09

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe

  • Size

    340KB

  • MD5

    12c51d4a870f350f6337b5ca7a8ad6b3

  • SHA1

    0cbe6d48fc2ff7a97778dce3084b784466961570

  • SHA256

    606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe

  • SHA512

    3f2d125dabcf2d13358178f56cae2882c1409212e404c1e99f30d720bcb0ed7c46a4ae2bf0f0a57eb43c49a8bf4a48f39e28c9ae3cac241baed2801e83c93eb7

Score
10/10
icedidbankerloadertrojan

Malware Config

Extracted

Family

icedid

C2

middleposition.cyou

artsteerlingwheel.top

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 1 IoCs
    loader
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe
    "C:\Users\Admin\AppData\Local\Temp\606bcd4c30f22a2328a273538ab06aa033c6bfac32e95d73b9a9c5bfd39d2ebe.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    PID:2560

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • memory/2560-134-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-133-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-135-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-136-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-138-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-137-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-140-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-139-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-142-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-145-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-144-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-143-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-141-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download
  • memory/2560-146-0x0000000002120000-0x0000000002126000-memory.dmp
    Filesize

    24KB

    Download
  • memory/2560-151-0x0000000002110000-0x0000000002112000-memory.dmp
    Filesize

    8KB

    Download