General
Target

7909866a9dd6174fa51e54c57cd9d675602f395c40181ab49df2f4b971d3e2fc

Size

297KB

Sample

220503-anh5cadcc9

Score
10/10
MD5

d46361783ad06859219c08e602ce584b

SHA1

edda43f12fc840dd5e5e7d6df677e115320e261c

SHA256

7909866a9dd6174fa51e54c57cd9d675602f395c40181ab49df2f4b971d3e2fc

SHA512

f942f937148b5920715f73942690031f8fb3b727ada404d69c93344764b04adc5ce70e2edf31187d2239365f40e11af9fd586d62e9ebde33ca129fec3d02f61d

Malware Config

Extracted

Family

icedid

C2

filopipilo.top

fihokiliopo.pw

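The hashes in the General section and the C2 domains in the Malware Config are the actionable indicators on this page. The script below is an added example, not part of the original report: it loads those indicators, checks that each hash has the length of the algorithm it claims, matches file bytes against the hashes, and scans DNS-style log lines for queries to the C2 domains (including subdomains, ignoring case and trailing dots). The file bytes and log lines it runs on are constructed here for illustration, and the `<timestamp> <client> query <qname> <qtype>` log shape is an assumption, not a format the report documents.

```python
"""IOC matcher built from the sandbox report above (added example).

Indicators are copied from the report; the sample bytes and DNS log lines
below are constructed for illustration and are not from the analysed sample.
"""
import hashlib
from typing import List, Optional, Tuple

# Hashes copied from the report's General section.
SAMPLE_HASHES = {
    "md5": "d46361783ad06859219c08e602ce584b",
    "sha1": "edda43f12fc840dd5e5e7d6df677e115320e261c",
    "sha256": "7909866a9dd6174fa51e54c57cd9d675602f395c40181ab49df2f4b971d3e2fc",
    "sha512": ("f942f937148b5920715f73942690031f8fb3b727ada404d69c93344764b04adc"
               "5ce70e2edf31187d2239365f40e11af9fd586d62e9ebde33ca129fec3d02f61d"),
}
# C2 domains copied from the report's Malware Config section.
C2_DOMAINS = {"filopipilo.top", "fihokiliopo.pw"}

# Hex-digest lengths per algorithm, used to catch truncated or mislabelled IOCs.
DIGEST_HEX_LEN = {"md5": 32, "sha1": 40, "sha256": 64, "sha512": 128}


def validate_hash_formats() -> bool:
    """True if every report hash is lowercase hex of the right length."""
    for alg, digest in SAMPLE_HASHES.items():
        if len(digest) != DIGEST_HEX_LEN[alg]:
            return False
        if any(ch not in "0123456789abcdef" for ch in digest):
            return False
    return True


def match_hashes(data: bytes) -> List[str]:
    """Return the names of the report hashes that `data` matches (empty if none)."""
    return [alg for alg, expected in SAMPLE_HASHES.items()
            if hashlib.new(alg, data).hexdigest() == expected]


def normalize_host(name: str) -> str:
    """Lowercase a queried name and drop the trailing dot of a fully qualified name."""
    return name.strip().rstrip(".").lower()


def domain_matches(hostname: str) -> Optional[str]:
    """Return the C2 domain that `hostname` equals or is a subdomain of, else None.

    The '.' + domain suffix check means 'filopipilo.top.example.com' does NOT
    match, while 'www.filopipilo.top' does.
    """
    host = normalize_host(hostname)
    for c2 in C2_DOMAINS:
        if host == c2 or host.endswith("." + c2):
            return c2
    return None


def scan_dns_log(lines: List[str]) -> List[Tuple[int, str, str]]:
    """Return (line_number, queried_name, c2_domain) for each C2 hit.

    Assumed (constructed) line shape: '<timestamp> <client> query <qname> <qtype>'.
    Lines that do not fit that shape are skipped rather than raising.
    """
    hits = []
    for lineno, line in enumerate(lines, start=1):
        parts = line.split()
        if len(parts) < 4 or parts[2] != "query":
            continue
        c2 = domain_matches(parts[3])
        if c2 is not None:
            hits.append((lineno, normalize_host(parts[3]), c2))
    return hits


# Constructed DNS log: one benign query, two C2 hits (one with a trailing dot
# and mixed case), and one look-alike that must not match.
SAMPLE_DNS_LOG = [
    "2022-05-03T10:00:01Z 10.0.0.15 query update.microsoft.com A",
    "2022-05-03T10:00:07Z 10.0.0.15 query filopipilo.top A",
    "2022-05-03T10:00:09Z 10.0.0.22 query filopipilo.top.example.com A",
    "2022-05-03T10:00:12Z 10.0.0.15 query cdn.FIHOKILIOPO.pw. A",
]

# Constructed bytes standing in for a file under inspection; not the real sample.
SAMPLE_FILE_BYTES = b"MZ\x90\x00 constructed placeholder, not the IcedID sample"


if __name__ == "__main__":
    print("hash formats valid:", validate_hash_formats())
    print("hash matches for placeholder file:", match_hashes(SAMPLE_FILE_BYTES))
    for lineno, host, c2 in scan_dns_log(SAMPLE_DNS_LOG):
        print(f"line {lineno}: {host} -> C2 {c2}")
```

Run it against a real file by passing the file's bytes to `match_hashes`, and against a real resolver log by adapting `scan_dns_log` to that log's column layout; the suffix check in `domain_matches` is what keeps look-alike names such as `filopipilo.top.example.com` from producing false positives.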
Targets
Target

7909866a9dd6174fa51e54c57cd9d675602f395c40181ab49df2f4b971d3e2fc

Signatures

  • IcedID, BokBot

    Description

    IcedID (also tracked as BokBot) is a modular banking trojan that steals credentials and also acts as a loader for follow-on payloads.

  • IcedID Second Stage Loader

MITRE ATT&CK Matrix

Tactic columns (no techniques are listed on this page): Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

Score
N/A

behavioral1

Score
10/10

behavioral2

Score
10/10