Malware sandboxing report by Hatching Triage

Target

9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4

Size

287KB

Sample

220508-tc9byaeden

Score

10^/10

MD5

42084df2d562de3df92ac9ac107759d8

SHA1

d34ef216eba035a681d8adca3698e9b1993aa17b

SHA256

9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4

SHA512

0552a9e5ce8ffe014008df75d365d9703eb9c7dc3d6c0793ad31430b2b25d1c817ade4427914f2a228cae739143710fd7333521c73d971b1047e0d3719fea35a

Extracted

Family	icedid
C2	loadpascal.asia loadpascal.asia

Target

9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4

MD5

42084df2d562de3df92ac9ac107759d8

Filesize

287KB

Score

10^/10

SHA1

d34ef216eba035a681d8adca3698e9b1993aa17b

SHA256

9ccafdd6086d5840d792d09183b4f793bebc6a6d2d4068e5f6b1d8d5d96127b4

SHA512

0552a9e5ce8ffe014008df75d365d9703eb9c7dc3d6c0793ad31430b2b25d1c817ade4427914f2a228cae739143710fd7333521c73d971b1047e0d3719fea35a

Signatures

IcedID, BokBot
Description

IcedID is a banking trojan capable of stealing credentials.
Tags

trojan banker icedid
IcedID First Stage Loader
Tags

loader
Blocklisted process makes network request

Related Tasks

behavioral1 behavioral2

Collection

Command and Control

Credential Access

Defense Evasion

Discovery

Execution

Exfiltration

Impact

Initial Access

Lateral Movement

Persistence

Privilege Escalation

static1

Score

N/A

behavioral1

icedid banker loader trojan

Score

10^/10

behavioral2

icedid banker loader trojan

Score

10^/10

Extracted

Tags

Signatures

IcedID, BokBot

Description

Tags

IcedID First Stage Loader

Tags

Blocklisted process makes network request

Related Tasks

static1

behavioral1

behavioral2