Overview

overview

10

Static

static

34585418e4...fe.dll

windows7_x64

10

34585418e4...fe.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    34585418e4d323e05731edd1d0dbd4fe.dll

  • Size

    731KB

  • Sample

    220701-w3q96acaf2

  • MD5

    34585418e4d323e05731edd1d0dbd4fe

  • SHA1

    62a16e8326bfcf308a56b77eaccf4da3fbf6822f

  • SHA256

    9b8a1a7f43532922e60292a34bd14f91560b0039772ea9c93691ff806d0795a1

  • SHA512

    f456f6a621bb1716bbc6d3cb8329f70709e6dae71088e4df1b0e6a8e142bcc9e3916b37dccbb9801bddb067b31e5b07d7d9313f2767b06490b5159f068276bb8

Score
10/10
icedid3652318967bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

3652318967

C2

yankyhoni.com

Targets

    • Target

      34585418e4d323e05731edd1d0dbd4fe.dll

    • Size

      731KB

    • MD5

      34585418e4d323e05731edd1d0dbd4fe

    • SHA1

      62a16e8326bfcf308a56b77eaccf4da3fbf6822f

    • SHA256

      9b8a1a7f43532922e60292a34bd14f91560b0039772ea9c93691ff806d0795a1

    • SHA512

      f456f6a621bb1716bbc6d3cb8329f70709e6dae71088e4df1b0e6a8e142bcc9e3916b37dccbb9801bddb067b31e5b07d7d9313f2767b06490b5159f068276bb8

    Score
    10/10
    icedid3652318967bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks