icedid | 90e06ab57da0fdd785bca9eb0b2fa05027fe6e3498865e24c07f0366c92150e2 | Triage

Submit
Reports

Overview

overview

Static

static

9TAzSK5f.dll

windows7_x64

9TAzSK5f.dll

windows10-2004_x64

Sharing

General

Target

9TAzSK5f.LnB
Size

536KB
Sample

220707-v5fe1aehe4
MD5

0804193317e5caa22a799ef101dd8c3a
SHA1

2f9286c5833ffbb9233e77512372f31b499d7d45
SHA256

90e06ab57da0fdd785bca9eb0b2fa05027fe6e3498865e24c07f0366c92150e2
SHA512

70917660d06cde3da25f7751b9aed0133e47165faa432f3a23f18e47ce8ba87c7ba9f576f64f669eb1bc3d1819a4bf2e4429e92667e5d6fef21a9d3f916208f0

Score

10^/10

icedid 227378761 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

9TAzSK5f.dll

Resource

win7-20220414-en

icedid 227378761 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

9TAzSK5f.dll

Resource

win10v2004-20220414-en

icedid 227378761 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

- Target
  
  9TAzSK5f.LnB
- Size
  
  536KB
- MD5
  
  0804193317e5caa22a799ef101dd8c3a
- SHA1
  
  2f9286c5833ffbb9233e77512372f31b499d7d45
- SHA256
  
  90e06ab57da0fdd785bca9eb0b2fa05027fe6e3498865e24c07f0366c92150e2
- SHA512
  
  70917660d06cde3da25f7751b9aed0133e47165faa432f3a23f18e47ce8ba87c7ba9f576f64f669eb1bc3d1819a4bf2e4429e92667e5d6fef21a9d3f916208f0
Score

10^/10

icedid 227378761 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid227378761bankerloadersuricatatrojan

behavioral2

icedid227378761bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy