icedid | 381072d29730eb576f1e70fc66e24836153b0ffb3b221bc7f48249eea94fc0c0 | Triage

Submit
Reports

Overview

overview

Static

static

6295c4fe148ad.dll

windows7_x64

6295c4fe148ad.dll

windows10-2004_x64

Sharing

General

Target

6295c4fe148ad.tiff
Size

480KB
Sample

220531-jeej8sedgm
MD5

3f7a7b648363742a6498588e338ea290
SHA1

7ed5e8cdf04d92f794b722bf09dbb661b34a052a
SHA256

381072d29730eb576f1e70fc66e24836153b0ffb3b221bc7f48249eea94fc0c0
SHA512

37f850c2cc33613c08782516bbbf508052274be757ee900c52fa9daae563ad011824271301e9f2e3edcd93cf9f0a447b794a593e9d0fb1ed6c4e858872635ef2

Score

10^/10

icedid 2581925242 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

6295c4fe148ad.dll

Resource

win7-20220414-en

icedid 2581925242 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6295c4fe148ad.dll

Resource

win10v2004-20220414-en

icedid 2581925242 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

2581925242

C2

uleoballs.com

Targets

- Target
  
  6295c4fe148ad.tiff
- Size
  
  480KB
- MD5
  
  3f7a7b648363742a6498588e338ea290
- SHA1
  
  7ed5e8cdf04d92f794b722bf09dbb661b34a052a
- SHA256
  
  381072d29730eb576f1e70fc66e24836153b0ffb3b221bc7f48249eea94fc0c0
- SHA512
  
  37f850c2cc33613c08782516bbbf508052274be757ee900c52fa9daae563ad011824271301e9f2e3edcd93cf9f0a447b794a593e9d0fb1ed6c4e858872635ef2
Score

10^/10

icedid 2581925242 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2581925242bankerloadersuricatatrojan

behavioral2

icedid2581925242bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy