icedid | 6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42 | Triage

Submit
Reports

Overview

overview

Static

static

6e19add81e...42.exe

windows7_x64

6e19add81e...42.exe

windows10-2004_x64

Sharing

General

Target

6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42
Size

64KB
Sample

220625-drl7ysece4
MD5

d40ab1b49cd288ceb9e916ee64799ae1
SHA1

e34edbe081b6639f54347aa8a5f804a792af2efd
SHA256

6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42
SHA512

8cc7c518541b3741b860e299b6de61e89dce19ba7ef20285c15d9b43d6d59d42dc2c7c7b9f9b6704cf105f4e8eb8bc3a8c552734caa214359f625fe9f2393c94

Score

10^/10

icedid 2564056318 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42.exe

Resource

win7-20220414-en

icedid 2564056318 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42.exe

Resource

win10v2004-20220414-en

icedid 2564056318 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Botnet

2564056318

C2

sheaffic.org

memphase.com

vulcate.com

sheaffic.com

eurobable.com

Attributes

auth_var
1
url_path
/index.php

Targets

- Target
  
  6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42
- Size
  
  64KB
- MD5
  
  d40ab1b49cd288ceb9e916ee64799ae1
- SHA1
  
  e34edbe081b6639f54347aa8a5f804a792af2efd
- SHA256
  
  6e19add81ea292a2e62357b9929a850ec4ed16f12040f49a5bbe0f1038812c42
- SHA512
  
  8cc7c518541b3741b860e299b6de61e89dce19ba7ef20285c15d9b43d6d59d42dc2c7c7b9f9b6704cf105f4e8eb8bc3a8c552734caa214359f625fe9f2393c94
Score

10^/10

icedid 2564056318 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata: ET MALWARE Possible Compromised Host AnubisNetworks Sinkhole Cookie Value Snkz
  suricata
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2564056318bankerloadersuricatatrojan

behavioral2

icedid2564056318bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy