icedid | 08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5 | Triage

Submit
Reports

Overview

overview

Static

static

08966fc06c...d5.exe

windows7_x64

08966fc06c...d5.exe

windows10-2004_x64

Sharing

General

Target

08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5
Size

220KB
Sample

220530-1a114sbfh4
MD5

1a7c450bdcfe99da1427d976de6d7246
SHA1

ddd5895e7837abfed13e28630e21884901966f4f
SHA256

08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5
SHA512

0403918e746f9906e91a90bc3442649666ef49ac559d53daca6b25a50ca067d20926dd5a3f7f097a91df3b6db07396d011bbe41f3a3deb3a2010ce2f9e82fa37

Score

10^/10

icedid 513366864 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5.exe

Resource

win7-20220414-en

icedid 513366864 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5.exe

Resource

win10v2004-20220414-en

icedid 513366864 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Botnet

513366864

C2

gfthwards.com

gfthwards.eu

gfthwards.net

presifered.com

Attributes

auth_var
8
url_path
/index.php

Targets

- Target
  
  08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5
- Size
  
  220KB
- MD5
  
  1a7c450bdcfe99da1427d976de6d7246
- SHA1
  
  ddd5895e7837abfed13e28630e21884901966f4f
- SHA256
  
  08966fc06c2e26f4dbb36f50812afd3863aa7ae04463bc931506a97a8d866cd5
- SHA512
  
  0403918e746f9906e91a90bc3442649666ef49ac559d53daca6b25a50ca067d20926dd5a3f7f097a91df3b6db07396d011bbe41f3a3deb3a2010ce2f9e82fa37
Score

10^/10

icedid 513366864 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid513366864bankerloadertrojan

behavioral2

icedid513366864bankerloadertrojan

© 2018-2024

Terms | Privacy