icedid | ccd7754174dfdc55c49b61cbba9ed782d43b1f5fd9c5611251c7526bf83f058e | Triage

Submit
Reports

Overview

overview

Static

static

b4a0138a63...85.dll

windows7_x64

b4a0138a63...85.dll

windows10-2004_x64

Sharing

General

Target

7501316140.zip
Size

7KB
Sample

220525-1rngcadgc9
MD5

6d80acc6170371d08f52e6595dfe48ac
SHA1

22dc1f60c59526ee6d4fb74b4d1e6d9cbc4d4286
SHA256

ccd7754174dfdc55c49b61cbba9ed782d43b1f5fd9c5611251c7526bf83f058e
SHA512

ca83585dc9f33fc04ba4be27e9e9d0dc24d8a57016e3df73a4e8844df7bac54c5de6bdfaf499d643b93ff54998aaa447a5021d10c7160732a7673592399bc3f9

Score

10^/10

icedid 168463318 banker collection core_payload loader suricata trojan

Static task

static1

loader 168463318 icedid

Behavioral task

behavioral1

Sample

b4a0138a637e4f800e62d91923dc7f77809ab6bf8f27d621502cbe82b06db485.dll

Resource

win7-20220414-en

icedid 168463318 banker core_payload suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

b4a0138a637e4f800e62d91923dc7f77809ab6bf8f27d621502cbe82b06db485.dll

Resource

win10v2004-20220414-en

icedid 168463318 banker collection core_payload suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

168463318

C2

juniarhends.com

Extracted

Family

icedid

Campaign

168463318

rsa_pubkey.plain

Targets

- Target
  
  b4a0138a637e4f800e62d91923dc7f77809ab6bf8f27d621502cbe82b06db485
- Size
  
  13KB
- MD5
  
  e67a59efdb77392a37fdfc2c37db1391
- SHA1
  
  5599ea9e45eaeae3985bda51e35befc6c78cc098
- SHA256
  
  b4a0138a637e4f800e62d91923dc7f77809ab6bf8f27d621502cbe82b06db485
- SHA512
  
  e96cef3386767f2a00dd066f7646487a69be87388c7a1e468bb05b45ecd9172031ff87f9286545ae2bab70818e33ead255ebf63f37af97d9370320791519f961
Score

10^/10

icedid 168463318 banker core_payload suricata trojan collection
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Downloads MZ/PE file
- Loads dropped DLL
- Accesses Microsoft Outlook profiles
  collection
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Command-Line Interface

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Remote System Discovery

System Information Discovery

Lateral Movement

Collection

Email Collection

Exfiltration

Command and Control

Impact

Tasks

static1

loader168463318icedid

behavioral1

icedid168463318bankercore_payloadsuricatatrojan

behavioral2

icedid168463318bankercollectioncore_payloadsuricatatrojan

© 2018-2024

Terms | Privacy