icedid | a0052b5fe74778e9d7274a8c2a5c448ccb002a1dd9c53564a40a60d8d62726d3 | Triage

Submit
Reports

Overview

overview

Static

static

49c0e1398d...be.dll

windows7_x64

49c0e1398d...be.dll

windows10-2004_x64

Sharing

General

Target

49c0e1398dec485cc011ec08016850be.dll
Size

480KB
Sample

220605-kkt3jshde5
MD5

49c0e1398dec485cc011ec08016850be
SHA1

3c9a297e36de397a7966d6c4c1013bcd5a26ac1e
SHA256

a0052b5fe74778e9d7274a8c2a5c448ccb002a1dd9c53564a40a60d8d62726d3
SHA512

7d26ada8796414a012a454ceeec9470821960549edcd6a6fb7ba79c2e34ccbed6a7e5842f2502471c8de71a0fd158f651ee130e41e210cab3e45c5f55d44361f

Score

10^/10

icedid 2581925242 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

49c0e1398dec485cc011ec08016850be.dll

Resource

win7-20220414-en

icedid 2581925242 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

49c0e1398dec485cc011ec08016850be.dll

Resource

win10v2004-20220414-en

icedid 2581925242 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

2581925242

C2

uleoballs.com

Targets

- Target
  
  49c0e1398dec485cc011ec08016850be.dll
- Size
  
  480KB
- MD5
  
  49c0e1398dec485cc011ec08016850be
- SHA1
  
  3c9a297e36de397a7966d6c4c1013bcd5a26ac1e
- SHA256
  
  a0052b5fe74778e9d7274a8c2a5c448ccb002a1dd9c53564a40a60d8d62726d3
- SHA512
  
  7d26ada8796414a012a454ceeec9470821960549edcd6a6fb7ba79c2e34ccbed6a7e5842f2502471c8de71a0fd158f651ee130e41e210cab3e45c5f55d44361f
Score

10^/10

icedid 2581925242 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2581925242bankerloadersuricatatrojan

behavioral2

icedid2581925242bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy