Overview

overview

10

Static

static

3d484699be...ff.dll

windows7_x64

10

3d484699be...ff.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d484699be6b28b0edd4a3e55647beff.dll

  • Size

    424KB

  • Sample

    220704-xhgewscgc9

  • MD5

    3d484699be6b28b0edd4a3e55647beff

  • SHA1

    d6f7ea8695c61d3894b8f382e08974cd79da7d74

  • SHA256

    7e73e4c5cba972050590b768c5612cbf0bcb3ea963ac6286a23608a067e65fcc

  • SHA512

    ab30b586d4e3609a6afb2567c408f72c057e0adf5f2f963917f079d3c008e69f0cae46362f0711f9195c79a0f0a178ef31aabbc2963ae38b8e5bccaf4094276b

Score
10/10
icedid3635541348bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

3635541348

C2

piponareatna.com

Targets

    • Target

      3d484699be6b28b0edd4a3e55647beff.dll

    • Size

      424KB

    • MD5

      3d484699be6b28b0edd4a3e55647beff

    • SHA1

      d6f7ea8695c61d3894b8f382e08974cd79da7d74

    • SHA256

      7e73e4c5cba972050590b768c5612cbf0bcb3ea963ac6286a23608a067e65fcc

    • SHA512

      ab30b586d4e3609a6afb2567c408f72c057e0adf5f2f963917f079d3c008e69f0cae46362f0711f9195c79a0f0a178ef31aabbc2963ae38b8e5bccaf4094276b

    Score
    10/10
    icedid3635541348bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks