Overview

overview

10

Static

static

66f6f1fa55...a6.exe

windows7_x64

10

66f6f1fa55...a6.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    139s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220414-en
  • submitted
    08-05-2022 16:40

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6.exe

  • Size

    304KB

  • MD5

    8b294b6025af7d8a90b69d304156f5cc

  • SHA1

    b0d0ea067cc3700eb794762c1a3c3930a423a77c

  • SHA256

    66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6

  • SHA512

    d196328a02c456b40149d51cfc733c8f2946cd1522d7d688c9d21ba48f92f586d0cb3b6a5557d710a959b696e490668e4f5fac2d5390f4c774334512f5686d56

Score
10/10
icedid1453255761bankerloadertrojan

Malware Config

Extracted

Family

icedid

Botnet

1453255761

C2

startluna.club

lunat.top
Attributes
  • auth_var

    3

  • url_path

    /audio/

Extracted

Family

icedid

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 2 IoCs
    loader

Processes

  • C:\Users\Admin\AppData\Local\Temp\66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6.exe
    "C:\Users\Admin\AppData\Local\Temp\66f6f1fa55a0d506c7b8e46a6600e081ef00d085b7492fdf082651e8db37fba6.exe"
    1⤵
      PID:4636

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/4636-130-0x0000000000140000-0x0000000000146000-memory.dmp
      Filesize

      24KB

      Download
    • memory/4636-131-0x0000000000140000-0x0000000000484000-memory.dmp
      Filesize

      3.3MB

      Download