icedid | eac5d2ad5965e0c2da630487b93ba8922202720234df6ec941af3da66b4239cb | Triage

Submit
Reports

Overview

overview

Static

static

sac3p.7z

windows10_x64

Sharing

General

Target

sac3p.7z
Size

222KB
Sample

220630-xld4yaafc9
MD5

1dffe2464ff57e37a483c713f5823039
SHA1

02d35e456b553be3ba9906c395386a7ec0dacb97
SHA256

eac5d2ad5965e0c2da630487b93ba8922202720234df6ec941af3da66b4239cb
SHA512

9aa19fa0444cc713c04330953cd54c980c5999d95ce18d21c9b4c1d4af6eff9d72611643226606538bea2584f46a3c33248fc27c2e7107e54ea35e8876c82417

Score

10^/10

icedid 3635541348 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

sac3p.7z

Resource

win10-20220414-en

icedid 3635541348 banker loader suricata trojan

windows10_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

3635541348

C2

piponareatna.com

Targets

- Target
  
  sac3p.7z
- Size
  
  222KB
- MD5
  
  1dffe2464ff57e37a483c713f5823039
- SHA1
  
  02d35e456b553be3ba9906c395386a7ec0dacb97
- SHA256
  
  eac5d2ad5965e0c2da630487b93ba8922202720234df6ec941af3da66b4239cb
- SHA512
  
  9aa19fa0444cc713c04330953cd54c980c5999d95ce18d21c9b4c1d4af6eff9d72611643226606538bea2584f46a3c33248fc27c2e7107e54ea35e8876c82417
Score

10^/10

icedid 3635541348 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
- Loads dropped DLL
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid3635541348bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy