icedid | ace16284c7f6e80393d3611775461f78a82a0d52d387dd886926be5483a8fe66 | Triage

Analysis

max time kernel
200s
max time network
209s
platform
windows10-2004_x64
resource
win10v2004-20220414-en
submitted
07-05-2022 23:34

Sharing

Report Analysis Logs

General

Target

ace16284c7f6e80393d3611775461f78a82a0d52d387dd886926be5483a8fe66.exe
Size

424KB
MD5

33d0106c16240a9bab094fa7c6626395
SHA1

3f6cbd8fcdc5a7487433877b24e04acfbc1bd42a
SHA256

ace16284c7f6e80393d3611775461f78a82a0d52d387dd886926be5483a8fe66
SHA512

f4f3a30a7a24ad0c2e1e6d2e67f884b78bb12790acd2bd217cfddc9321a138c7e45c1944bd5a587e54d47052286b377f1bf619420f5b37bcb0cc80997ea91366

Score

10^/10

icedid banker loader trojan

Malware Config

Extracted

Family

icedid

C2

loadatlantic.fit

Signatures

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

IcedID First Stage Loader 2 IoCs

Processes:

resource	yara_rule
behavioral2/memory/4576-130-0x0000000000100000-0x000000000026A000-memory.dmp	IcedidFirstLoader
behavioral2/memory/4576-131-0x0000000000100000-0x0000000000106000-memory.dmp	IcedidFirstLoader

C:\Users\Admin\AppData\Local\Temp\ace16284c7f6e80393d3611775461f78a82a0d52d387dd886926be5483a8fe66.exe
"C:\Users\Admin\AppData\Local\Temp\ace16284c7f6e80393d3611775461f78a82a0d52d387dd886926be5483a8fe66.exe"
1⤵
PID:4576

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4576-130-0x0000000000100000-0x000000000026A000-memory.dmp

Filesize
1.4MB

Download
memory/4576-131-0x0000000000100000-0x0000000000106000-memory.dmp

Filesize
24KB

Download