icedid | c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9 | Triage

Submit
Reports

Overview

overview

Static

static

c6dec41788...f9.dll

windows7_x64

c6dec41788...f9.dll

windows10-2004_x64

Sharing

General

Target

c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
Size

186KB
Sample

220508-2p62cahgb4
MD5

117704e30859c562e861b640332d7cdd
SHA1

820c3d83acd046388f8e51f55ec57259f0d1d578
SHA256

c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
SHA512

947cc9abd677892d9494a5f6902b6c0ac7b32c8749511c57ff0d4731ecb40fbf2e89f17739b51a2006ff9bd01d5732533059bf89359107afc732e42f885c1d8a

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9.dll

Resource

win7-20220414-en

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9.dll

Resource

win10v2004-20220414-en

icedid banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

vernerfonbraun.pw

Targets

- Target
  
  c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
- Size
  
  186KB
- MD5
  
  117704e30859c562e861b640332d7cdd
- SHA1
  
  820c3d83acd046388f8e51f55ec57259f0d1d578
- SHA256
  
  c6dec41788f2e709c8908e0e934a20b5b8a6712dc742bdac4bb4131bfa6ee2f9
- SHA512
  
  947cc9abd677892d9494a5f6902b6c0ac7b32c8749511c57ff0d4731ecb40fbf2e89f17739b51a2006ff9bd01d5732533059bf89359107afc732e42f885c1d8a
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy