Overview

overview

10

Static

static

8ad280bd53...7e.dll

windows7_x64

10

8ad280bd53...7e.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8ad280bd539694d623771ecb8f3ee37e.dll

  • Size

    534KB

  • Sample

    220707-v9fassdccp

  • MD5

    8ad280bd539694d623771ecb8f3ee37e

  • SHA1

    6fda7b917618287dbe22f43b6794d9d0d61ab9ec

  • SHA256

    a1597e1fc0466ab86a51d8cab2cb970eb7ccde39770c13a04a911bfdc0672560

  • SHA512

    e9e580a67130702fe7a8b2810e2cd5de7f8c4b879e3ab634b4281d27a5d150201a4cf83e8ec86bd66f8373cef786006c0252ae3dd5ce097e199aed3a6f67bba9

Score
10/10
icedid227378761bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

    • Target

      8ad280bd539694d623771ecb8f3ee37e.dll

    • Size

      534KB

    • MD5

      8ad280bd539694d623771ecb8f3ee37e

    • SHA1

      6fda7b917618287dbe22f43b6794d9d0d61ab9ec

    • SHA256

      a1597e1fc0466ab86a51d8cab2cb970eb7ccde39770c13a04a911bfdc0672560

    • SHA512

      e9e580a67130702fe7a8b2810e2cd5de7f8c4b879e3ab634b4281d27a5d150201a4cf83e8ec86bd66f8373cef786006c0252ae3dd5ce097e199aed3a6f67bba9

    Score
    10/10
    icedid227378761bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks