icedid | c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4 | Triage

Submit
Reports

Overview

overview

Static

static

c49f89af3c...b4.dll

windows7_x64

c49f89af3c...b4.dll

windows10-2004_x64

Sharing

General

Target

c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4
Size

166KB
Sample

220502-s3kktsahbn
MD5

345cde136a86c6b5551768e226951351
SHA1

8636422b8690a01dab8b2557b1e40a1b259c56f6
SHA256

c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4
SHA512

d6c994cfc93be6bfafa9c239a21e428072766c8393e0653f8f64a6b67eaa4aae2515aff6b5d6c72b56ea3559774b63ffc1626df65860aaf1f207995ba36f617d

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4.dll

Resource

win7-20220414-en

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4.dll

Resource

win10v2004-20220414-en

icedid banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

spaceprogramm.cloud

Targets

- Target
  
  c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4
- Size
  
  166KB
- MD5
  
  345cde136a86c6b5551768e226951351
- SHA1
  
  8636422b8690a01dab8b2557b1e40a1b259c56f6
- SHA256
  
  c49f89af3ceb178d29ce17a38888f78b324065f552b0db1195be0623ce227db4
- SHA512
  
  d6c994cfc93be6bfafa9c239a21e428072766c8393e0653f8f64a6b67eaa4aae2515aff6b5d6c72b56ea3559774b63ffc1626df65860aaf1f207995ba36f617d
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy