Extracted

• • Target

    s3lop1n/documents.lnk

  • Size

    2KB

  • MD5

    067934b94afe525ffcea8f416efd0147

  • SHA1

    273b442f0872a70e155b0434f0e4cb44a1d58f3a

  • SHA256

    e72bd6fcd8251293848bc8be89844720f530835aabbae5e5d33d91c659e15b69

  • SHA512

    17310703816a2284af89bcf214069e76840efa8322518861e94d5907f47410202b7c121f53b9a7967a8750d7b83244d566c62d0940b2c8713c4cd3923877cd80

  Score

  10^/10

  icedid3433768635bankerloadersuricatatrojan

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

  • suricata: ET MALWARE Win32/IcedID Request Cookie

    suricata: ET MALWARE Win32/IcedID Request Cookie

    suricata

  • Blocklisted process makes network request

  • Checks computer location settings

    Looks up country code configured in the registry, likely geofence.

  behavioral1behavioral2

• • Target

    s3lop1n/s3lop1n.dll

  • Size

    861KB

  • MD5

    057e85ae8e4bac4927d6b0c0d5c11b90

  • SHA1

    c87c9b43e23b79d7c07f6d96e0a3bd593ee74c72

  • SHA256

    5f681294177b7d8b78afed82dc36bd1f7d7daa4a13e514af0b18147b38431dd9

  • SHA512

    b757cbfc1590483fea34a5acd2f948f85494dd2e9641e76160a5a5164c49d0e0e9bef8ae28ba683900599aed347f22ccc9198b3bac9162d8031083c9ba4628a7

  Score

  1^/10
  behavioral3behavioral4