icedid | f59531b810bcbc677907e9fa2be65187b3ee4cd980f633775cc8b2186f3e83d2 | Triage

Submit
Reports

Overview

overview

Static

static

093789.hta

windows10_x64

Sharing

General

Target

093789.hta
Size

127KB
Sample

220523-vyng2abhfl
MD5

9ded224c99c7fa6179d5a8a86278ad85
SHA1

30795cf7e98050d7e39cd98d649c82eb3345b537
SHA256

f59531b810bcbc677907e9fa2be65187b3ee4cd980f633775cc8b2186f3e83d2
SHA512

7282fcea1b6e66a88c3267b62da7708c7a44ac1bba1d49a9156a2b139eca41aa029b6275e875c819b35e3a4ad40421090687d6017cf1bdb5e7e4d955f41f80d6

Score

10^/10

icedid 3826577017 banker suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

093789.hta

Resource

win10-20220414-en

icedid 3826577017 banker suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3826577017

Targets

- Target
  
  093789.hta
- Size
  
  127KB
- MD5
  
  9ded224c99c7fa6179d5a8a86278ad85
- SHA1
  
  30795cf7e98050d7e39cd98d649c82eb3345b537
- SHA256
  
  f59531b810bcbc677907e9fa2be65187b3ee4cd980f633775cc8b2186f3e83d2
- SHA512
  
  7282fcea1b6e66a88c3267b62da7708c7a44ac1bba1d49a9156a2b139eca41aa029b6275e875c819b35e3a4ad40421090687d6017cf1bdb5e7e4d955f41f80d6
Score

10^/10

icedid 3826577017 banker suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
- Downloads MZ/PE file
- Executes dropped EXE
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid3826577017bankersuricatatrojan

© 2018-2024

Terms | Privacy