Triage | Malware sandboxing report by Hatching Triage

Submit
Reports

Overview

overview

Static

static

48e69f94c8...e6.dll

windows7_x64

48e69f94c8...e6.dll

windows10-2004_x64

Sharing

General

Target

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6
Size

186KB
Sample

220508-2p7b4scegm
MD5

70c7108b898eb8b6c058a7c8c2994f96
SHA1

1ecc6f1a3f069588c2b25bf130587a0e67bf0997
SHA256

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6
SHA512

a52afc3fc1bdb105ba8667bd277bb4a61f942ac9cf8fd14d128cbd971124491cac7b7066fbafac5ad7b8a090264c817842b4ff97bfadb411cf1b9ae629487ab2

Score

10^/10

icedid banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6.dll

Resource

win7-20220414-en

icedid banker loader trojan

Behavioral task

behavioral2

Sample

48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6.dll

Resource

win10v2004-20220414-en

icedid banker loader trojan

Malware Config

Extracted

Family

icedid

C2

vernerfonbraun.pw

Targets

- Target
  
  48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6
- Size
  
  186KB
- MD5
  
  70c7108b898eb8b6c058a7c8c2994f96
- SHA1
  
  1ecc6f1a3f069588c2b25bf130587a0e67bf0997
- SHA256
  
  48e69f94c801c87dc65c445d2a61398bc0708e41c78ef70a041d700f32a1dce6
- SHA512
  
  a52afc3fc1bdb105ba8667bd277bb4a61f942ac9cf8fd14d128cbd971124491cac7b7066fbafac5ad7b8a090264c817842b4ff97bfadb411cf1b9ae629487ab2
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2023

Terms | Privacy