icedid | 5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842 | Triage

Submit
Reports

Overview

overview

Static

static

5a5b5ece19...42.dll

windows7_x64

5a5b5ece19...42.dll

windows10-2004_x64

Sharing

General

Target

5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
Size

178KB
Sample

220508-2p1vbshga9
MD5

86d0e40388b95885abe8ccbf93fc8f33
SHA1

521367f26ecf38f473ec4ba175dca4b6859aa5ba
SHA256

5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
SHA512

1dfdf0a7cf203b3fe1fdaa5fc6e73bb8d7505b525924083ded9e51f46841fe144482b16d34c0482bb7ac6332fa1903a599d87c64b6db72d7bb27c742ac629a3b

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842.dll

Resource

win7-20220414-en

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842.dll

Resource

win10v2004-20220414-en

icedid banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

qapoloki.cyou

Targets

- Target
  
  5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
- Size
  
  178KB
- MD5
  
  86d0e40388b95885abe8ccbf93fc8f33
- SHA1
  
  521367f26ecf38f473ec4ba175dca4b6859aa5ba
- SHA256
  
  5a5b5ece194fb5310790939797319dcdc8f9d65b37ae6fcfcfa5e3cb251e7842
- SHA512
  
  1dfdf0a7cf203b3fe1fdaa5fc6e73bb8d7505b525924083ded9e51f46841fe144482b16d34c0482bb7ac6332fa1903a599d87c64b6db72d7bb27c742ac629a3b
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy