icedid | 9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652 | Triage

Submit
Reports

Overview

overview

Static

static

9c3ee16288...52.exe

windows7_x64

9c3ee16288...52.exe

windows10-2004_x64

Sharing

General

Target

9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652
Size

238KB
Sample

220507-zdnphsgfbq
MD5

d7a233713cc5a33fd5b9a5aae94424e9
SHA1

2e93c381c0beca903be5b2f4a35fc822658525fd
SHA256

9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652
SHA512

0596b70a987b01414522f66f4968539ccf86cd8bce71c558487e00f4ff7a337b08339f363032328a6e293dddd48945eb78f8b1078a3847ab6713556f47889237

Score

10^/10

icedid 2635507097 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652.exe

Resource

win7-20220414-en

icedid 2635507097 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652.exe

Resource

win10v2004-20220414-en

icedid 2635507097 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

2635507097

C2

rufepuksuka.cyou

uzhokpidarok.cyou

Attributes

auth_var
1
url_path
/audio/

Targets

- Target
  
  9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652
- Size
  
  238KB
- MD5
  
  d7a233713cc5a33fd5b9a5aae94424e9
- SHA1
  
  2e93c381c0beca903be5b2f4a35fc822658525fd
- SHA256
  
  9c3ee16288af89bed69166f1e1690769f0b563c2c2ef1277c6dceaec514e3652
- SHA512
  
  0596b70a987b01414522f66f4968539ccf86cd8bce71c558487e00f4ff7a337b08339f363032328a6e293dddd48945eb78f8b1078a3847ab6713556f47889237
Score

10^/10

icedid 2635507097 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2635507097bankerloadertrojan

behavioral2

icedid2635507097bankerloadertrojan

© 2018-2024

Terms | Privacy