icedid | 34948d0d4911eca35482764310f560be97ca33ebce759a479f7733c10c86dd8b | Triage

Submit
Reports

Overview

overview

Static

static

cmd.bat

windows7_x64

cmd.bat

windows10-2004_x64

Sharing

General

Target

test.zip
Size

323KB
Sample

220513-p6a9safeg7
MD5

2c369fe2ef9455e0333644eb123394ee
SHA1

c9174b87b0d5cd99e3540a5aef4c71c26b5b9c3e
SHA256

34948d0d4911eca35482764310f560be97ca33ebce759a479f7733c10c86dd8b
SHA512

d886e4b416fb8a6b9da7df9d299fa9a1b243e2027f0bd600f201fa9158e5d595eddd4f1fab9f0b6e805cee32ba1b8ea4a5d905640fc3769e20cd654caac47a20

Score

10^/10

icedid 3000901376 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

cmd.bat

Resource

win7-20220414-en

icedid 3000901376 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

cmd.bat

Resource

win10v2004-20220414-en

icedid 3000901376 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3000901376

C2

yolneanz.com

Targets

- Target
  
  cmd.bat
- Size
  
  69B
- MD5
  
  5e9549ff24e0488d40f20979c9e9c6e4
- SHA1
  
  271430ffb14345fd1ed91d8339b60103979de8e6
- SHA256
  
  2465269b1d190d38aa49ed7d70429f7d5bb2688806f932d69ae43d3a58f7854b
- SHA512
  
  963ec4155f664a14f36690a2846ccdac42d62401e3397582cbe1022152e033a9e118e5af2d4618181b6fc974659e980c4894b6d5305ae925c604969905459840
Score

10^/10

icedid 3000901376 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3000901376bankerloadersuricatatrojan

behavioral2

icedid3000901376bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy