icedid | 2b6c0c8fb1ce4458ec97642650f1dc2ef3449ef2bc41ade5466ad15013608d42 | Triage

Submit
Reports

Overview

overview

Static

static

dar.dll

windows7_x64

dar.dll

windows10-2004_x64

Resubmissions

14-06-2022 19:29

220614-x7cs1adfg2 10

14-06-2022 19:25

220614-x43j9aded9 10

Sharing

General

Target

7585926158.zip
Size

84KB
Sample

220614-x7cs1adfg2
MD5

5d6567fc6453af9f8c50bbee40e50c95
SHA1

bc7a4b50c5e3921276fd9f6329eb25b1a1e352b6
SHA256

2b6c0c8fb1ce4458ec97642650f1dc2ef3449ef2bc41ade5466ad15013608d42
SHA512

7bc399a8a96c78b072cf799789ce09ac0f05be8d022ef31a6dc518b538ff0ebe0766f54850815a5249078bca0880ec782d796779ef4af7ce8e894c1a832d5b08

Score

10^/10

icedid 3529509686 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

dar.dll

Resource

win7-20220414-en

icedid 3529509686 banker loader trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

dar.dll

Resource

win10v2004-20220414-en

icedid 3529509686 banker loader trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3529509686

C2

oceriesfornot.top

Targets

- Target
  
  dar.dll
- Size
  
  147KB
- MD5
  
  4a6ceabb2ce1b486398c254a5503b792
- SHA1
  
  08a1c43bd1c63bbea864133d2923755aa2f74440
- SHA256
  
  4a76a28498b7f391cdc2be73124b4225497232540247ca3662abd9ab2210be36
- SHA512
  
  a7266dbfee0689fe9386686a6f892055fffb15f5c11e77bf6591ded82a00b884da9b13ce5a7f29c827ae91018d9f7e71e2e6abb99050da3419154ae1edf77394
Score

10^/10

icedid 3529509686 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid3529509686bankerloadertrojan

behavioral2

icedid3529509686bankerloadertrojan

© 2018-2024

Terms | Privacy