icedid | 052d37a666116008895fa77490ae8249adb74fa9fff4c1e821aaed9dd3f2acb5 | Triage

Submit
Reports

Overview

overview

Static

static

NCwXdqaN.dll

windows10_x64

Sharing

General

Target

NCwXdqaN.dll
Size

649KB
Sample

220620-xyp2zacha3
MD5

dfbb1127fc30a15f8769085216c85709
SHA1

a6271f1935f98209e5a6d5364f52c3eae1de00f6
SHA256

052d37a666116008895fa77490ae8249adb74fa9fff4c1e821aaed9dd3f2acb5
SHA512

9c847477be339fcec98b8e0cfc38eb8734e51516f67f791e5911c577e5e66eeac873ece047185c6ad431f01b98ba9a407e48eb428a5a9bad09ced10d679bd482

Score

10^/10

icedid 3400213397 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

NCwXdqaN.dll

Resource

win10-20220414-en

icedid 3400213397 banker loader suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3400213397

C2

coolnexoz.com

Targets

- Target
  
  NCwXdqaN.dll
- Size
  
  649KB
- MD5
  
  dfbb1127fc30a15f8769085216c85709
- SHA1
  
  a6271f1935f98209e5a6d5364f52c3eae1de00f6
- SHA256
  
  052d37a666116008895fa77490ae8249adb74fa9fff4c1e821aaed9dd3f2acb5
- SHA512
  
  9c847477be339fcec98b8e0cfc38eb8734e51516f67f791e5911c577e5e66eeac873ece047185c6ad431f01b98ba9a407e48eb428a5a9bad09ced10d679bd482
Score

10^/10

icedid 3400213397 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3400213397bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy