icedid | 8296f7e07751f7626dc56c5f82dcce00578a8c8f9c50bf5923b69bc3f571ffc5 | Triage

Submit
Reports

Overview

overview

Static

static

6295fa2e1d4b3.dll

windows7_x64

6295fa2e1d4b3.dll

windows10-2004_x64

Sharing

General

Target

6295fa2e1d4b3.tiff
Size

480KB
Sample

220531-ngme3segbq
MD5

5fb757a75752e18aaf7841896779276d
SHA1

828c3a63d11563c0c85bc8efad1c60efed0b5fb7
SHA256

8296f7e07751f7626dc56c5f82dcce00578a8c8f9c50bf5923b69bc3f571ffc5
SHA512

ce653d450cd26dd4edf6e571ab734a1de6cba0f9c70e72b08ce5764b7d6407497c6892c6cab4e710e515a992a00707d56d90256cc67a9ea656e6a6fc1ddab7fd

Score

10^/10

icedid 2581925242 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

6295fa2e1d4b3.dll

Resource

win7-20220414-en

icedid 2581925242 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6295fa2e1d4b3.dll

Resource

win10v2004-20220414-en

icedid 2581925242 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

2581925242

C2

uleoballs.com

Targets

- Target
  
  6295fa2e1d4b3.tiff
- Size
  
  480KB
- MD5
  
  5fb757a75752e18aaf7841896779276d
- SHA1
  
  828c3a63d11563c0c85bc8efad1c60efed0b5fb7
- SHA256
  
  8296f7e07751f7626dc56c5f82dcce00578a8c8f9c50bf5923b69bc3f571ffc5
- SHA512
  
  ce653d450cd26dd4edf6e571ab734a1de6cba0f9c70e72b08ce5764b7d6407497c6892c6cab4e710e515a992a00707d56d90256cc67a9ea656e6a6fc1ddab7fd
Score

10^/10

icedid 2581925242 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2581925242bankerloadersuricatatrojan

behavioral2

icedid2581925242bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy