icedid | 12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090 | Triage

Submit
Reports

Overview

overview

Static

static

12b4d0ba2f...90.exe

windows7_x64

12b4d0ba2f...90.exe

windows10-2004_x64

Sharing

General

Target

12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090
Size

82KB
Sample

220523-1bnr6scdcr
MD5

83b5eb867110403cc72819463a807b73
SHA1

efc2f8f7584a633103aa568600b977312ecb9dd7
SHA256

12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090
SHA512

2379e8543022691b67cddb4a2d571c06d949dd6638f72c3569f52908a1449a42aca11ad7a3afa0b3bf884ee64dee388744db87f29a238c6d4ffac7f135f34844

Score

10^/10

icedid 2794990697 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090.exe

Resource

win7-20220414-en

icedid 2794990697 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090.exe

Resource

win10v2004-20220414-en

icedid 2794990697 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Botnet

2794990697

C2

sheaffic.org

memphase.com

vulcate.com

sheaffic.com

eurobable.com

Attributes

auth_var
1
url_path
/index.php

Extracted

Family

icedid

Targets

- Target
  
  12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090
- Size
  
  82KB
- MD5
  
  83b5eb867110403cc72819463a807b73
- SHA1
  
  efc2f8f7584a633103aa568600b977312ecb9dd7
- SHA256
  
  12b4d0ba2fdc1f7af5a838e028eea3305a8d067776044c82b02997bec4ea3090
- SHA512
  
  2379e8543022691b67cddb4a2d571c06d949dd6638f72c3569f52908a1449a42aca11ad7a3afa0b3bf884ee64dee388744db87f29a238c6d4ffac7f135f34844
Score

10^/10

icedid 2794990697 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2794990697bankerloadersuricatatrojan

behavioral2

icedid2794990697bankerloadertrojan

© 2018-2024

Terms | Privacy