Overview

overview

10

Static

static

9740209b37...89.exe

windows7_x64

10

9740209b37...89.exe

windows10-2004_x64

10

Analysis

  • max time kernel
    161s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20220414-en
  • submitted
    08-05-2022 19:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    9740209b371081d4a36183cc227fc5f978c9bba65b3db7c4a58f6a64c7514d89.exe

  • Size

    547KB

  • MD5

    4284e33d5acd0c3f537bc0a03b27b289

  • SHA1

    8e446941e1b727fd4b32002c3848c568b473817b

  • SHA256

    9740209b371081d4a36183cc227fc5f978c9bba65b3db7c4a58f6a64c7514d89

  • SHA512

    0561ccf43541531af17012294379e0e2bc5b3c3595691eb0ea44ff54ad8988633fb327220ce0a484602442a87f52cba11dbee5d4def415377a035891949510c5

Score
10/10
icedid1076950734bankerloadertrojan

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

1076950734

C2

justiceminister.best

fivejudgescatholic.cyou
Attributes
  • auth_var

    2

  • url_path

    /audio/

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 2 IoCs
    loader

Processes

  • C:\Users\Admin\AppData\Local\Temp\9740209b371081d4a36183cc227fc5f978c9bba65b3db7c4a58f6a64c7514d89.exe
    "C:\Users\Admin\AppData\Local\Temp\9740209b371081d4a36183cc227fc5f978c9bba65b3db7c4a58f6a64c7514d89.exe"
    1⤵
      PID:600

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/600-54-0x0000000075871000-0x0000000075873000-memory.dmp

      Filesize

      8KB

      Download

    • memory/600-55-0x0000000000030000-0x00000000001B3000-memory.dmp

      Filesize

      1.5MB

      Download

    • memory/600-56-0x0000000000030000-0x0000000000036000-memory.dmp

      Filesize

      24KB

      Download