icedid | c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890 | Triage

Submit
Reports

Overview

overview

Static

static

c9c2f153c1...90.dll

windows7_x64

c9c2f153c1...90.dll

windows10-2004_x64

Sharing

General

Target

c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
Size

186KB
Sample

220508-2p6etacegl
MD5

b3a50b17c5df922ec4a1c3019c33b9c5
SHA1

3b186a01d4a8ccc905f08b0672f32a705ae8d036
SHA256

c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
SHA512

26c0814015940ebc605aae2ed96d7d77d761613451ffb8c9da8cc3f12319800574136368044d1e1f8875fab12e9c62f8bb134e4db29b581763d30547890bbce1

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890.dll

Resource

win7-20220414-en

icedid banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890.dll

Resource

win10v2004-20220414-en

icedid banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

C2

vernerfonbraun.pw

Targets

- Target
  
  c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
- Size
  
  186KB
- MD5
  
  b3a50b17c5df922ec4a1c3019c33b9c5
- SHA1
  
  3b186a01d4a8ccc905f08b0672f32a705ae8d036
- SHA256
  
  c9c2f153c10a1ea0eb914d7902b0866960f0a58459f6f7b5fb29b479a85f3890
- SHA512
  
  26c0814015940ebc605aae2ed96d7d77d761613451ffb8c9da8cc3f12319800574136368044d1e1f8875fab12e9c62f8bb134e4db29b581763d30547890bbce1
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy