Overview

overview

10

Static

static

21cf9b71a7...83.dll

windows7_x64

1

21cf9b71a7...83.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    21cf9b71a71a3967966955487bb3960a03ffc484c35d0e71bfe05b798f71d583

  • Size

    260KB

  • Sample

    220427-wxpjdacdfr

  • MD5

    0ba4815496bcd69f62c69cb564ad8aeb

  • SHA1

    54538f577d786aaa2cdbd00cc49f74bcd4c34d76

  • SHA256

    21cf9b71a71a3967966955487bb3960a03ffc484c35d0e71bfe05b798f71d583

  • SHA512

    5f8f4c27a6466f6c88b10d22bf0945053d84778eae852172e592a04a04df27a2a35a61f2cdd4048240153d1de2fd38adb46c6faff0dfbdc10211bd0e510ed098

Score
10/10
icedidbankerloadertrojan

Malware Config

Extracted

Family

icedid

C2

deteresposito.club

Targets

    • Target

      21cf9b71a71a3967966955487bb3960a03ffc484c35d0e71bfe05b798f71d583

    • Size

      260KB

    • MD5

      0ba4815496bcd69f62c69cb564ad8aeb

    • SHA1

      54538f577d786aaa2cdbd00cc49f74bcd4c34d76

    • SHA256

      21cf9b71a71a3967966955487bb3960a03ffc484c35d0e71bfe05b798f71d583

    • SHA512

      5f8f4c27a6466f6c88b10d22bf0945053d84778eae852172e592a04a04df27a2a35a61f2cdd4048240153d1de2fd38adb46c6faff0dfbdc10211bd0e510ed098

    Score
    10/10
    icedidbankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • IcedID First Stage Loader

      loader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks