icedid | f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e | Triage

Submit
Reports

Overview

overview

Static

static

f8f351415e...1e.exe

windows7_x64

f8f351415e...1e.exe

windows10-2004_x64

Sharing

General

Target

f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e
Size

238KB
Sample

220508-bfbkzaahf3
MD5

62ed03b882afc7078cc3bd6563f4a608
SHA1

eac946a5a75735f110ac66aede384676b2094ae6
SHA256

f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e
SHA512

a1d6b9138fa00dbf0aa0aaafe013d3f3203d40a2ac6eb4b98d3896af6cce9df640c373fb85296e718b1e5bf87fb36d4abc094416e8948b947081cd87c050937d

Score

10^/10

icedid 2635507097 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e.exe

Resource

win7-20220414-en

icedid 2635507097 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e.exe

Resource

win10v2004-20220414-en

icedid 2635507097 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

2635507097

C2

rufepuksuka.cyou

uzhokpidarok.cyou

Attributes

auth_var
1
url_path
/audio/

Targets

- Target
  
  f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e
- Size
  
  238KB
- MD5
  
  62ed03b882afc7078cc3bd6563f4a608
- SHA1
  
  eac946a5a75735f110ac66aede384676b2094ae6
- SHA256
  
  f8f351415ee7c63613aede4a8b4642c2afa432396ef5f949a1b8e6a58210f41e
- SHA512
  
  a1d6b9138fa00dbf0aa0aaafe013d3f3203d40a2ac6eb4b98d3896af6cce9df640c373fb85296e718b1e5bf87fb36d4abc094416e8948b947081cd87c050937d
Score

10^/10

icedid 2635507097 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2635507097bankerloadertrojan

behavioral2

icedid2635507097bankerloadertrojan

© 2018-2024

Terms | Privacy