icedid | 36bd0d4b2148e6e63469a8f4d5e627224999b1cd65bd0bb760246da35f89147b | Triage

Submit
Reports

Overview

overview

Static

static

8sLDJbfC.dll

windows7_x64

8sLDJbfC.dll

windows10-2004_x64

Sharing

General

Target

8sLDJbfC.4Ct112
Size

534KB
Sample

220707-v1d2dacgam
MD5

c4a9b4f3254be77448f72272765757c7
SHA1

40d1d12fe46a0b144f7f4bbb9fcb2a758c141e20
SHA256

36bd0d4b2148e6e63469a8f4d5e627224999b1cd65bd0bb760246da35f89147b
SHA512

645a7e75b5075febb232fd2b66a128ed0bfcdb710e8340553babd9a86d768404695ab1a0424d29e99d798cdb073626daf0a544558766d809aba70d8381218fc4

Score

10^/10

icedid 227378761 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

8sLDJbfC.dll

Resource

win7-20220414-en

icedid 227378761 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

8sLDJbfC.dll

Resource

win10v2004-20220414-en

icedid 227378761 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

- Target
  
  8sLDJbfC.4Ct112
- Size
  
  534KB
- MD5
  
  c4a9b4f3254be77448f72272765757c7
- SHA1
  
  40d1d12fe46a0b144f7f4bbb9fcb2a758c141e20
- SHA256
  
  36bd0d4b2148e6e63469a8f4d5e627224999b1cd65bd0bb760246da35f89147b
- SHA512
  
  645a7e75b5075febb232fd2b66a128ed0bfcdb710e8340553babd9a86d768404695ab1a0424d29e99d798cdb073626daf0a544558766d809aba70d8381218fc4
Score

10^/10

icedid 227378761 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid227378761bankerloadersuricatatrojan

behavioral2

icedid227378761bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy