icedid | 0ed6e961a7bcebf37764de044209710dc23a004a9e2e51fe8e778df87e64819b | Triage

Submit
Reports

Overview

overview

Static

static

b73f8697.exe

windows7_x64

b73f8697.exe

windows10-2004_x64

Sharing

General

Target

b73f8697
Size

36KB
Sample

220419-wmrkzsbeb8
MD5

3e849d9099875258dd84050b9ea2623c
SHA1

f9911bbd98816cb29d03780e4f749cbd876b2f7e
SHA256

0ed6e961a7bcebf37764de044209710dc23a004a9e2e51fe8e778df87e64819b
SHA512

56c58462607b47926024b68fc9932326565113c5bd491bfec3f0a426cd70d6307a3abd97646220d870591c61d17982bd7c56e351166469dd90ca0b0931876ec2

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

b73f8697.exe

Resource

win7-20220414-en

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b73f8697.exe

Resource

win10v2004-20220414-en

icedid banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

dekeoipsi.top

Targets

- Target
  
  b73f8697
- Size
  
  36KB
- MD5
  
  3e849d9099875258dd84050b9ea2623c
- SHA1
  
  f9911bbd98816cb29d03780e4f749cbd876b2f7e
- SHA256
  
  0ed6e961a7bcebf37764de044209710dc23a004a9e2e51fe8e778df87e64819b
- SHA512
  
  56c58462607b47926024b68fc9932326565113c5bd491bfec3f0a426cd70d6307a3abd97646220d870591c61d17982bd7c56e351166469dd90ca0b0931876ec2
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy