Overview

overview

10

Static

static

0819bba4f2...5b.dll

windows7_x64

10

0819bba4f2...5b.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    0819bba4f240548fad8b3cf7d3e7615b.dll

  • Size

    534KB

  • Sample

    220707-vwzghsedg3

  • MD5

    0819bba4f240548fad8b3cf7d3e7615b

  • SHA1

    898a736a3ee5ad62b5bfaa7008f0482622a440a3

  • SHA256

    2f92393ce47705824b329f3613c2b6936e5e7a6efb4c93f04e6bf0cdc665095a

  • SHA512

    e05aacf3c8851c2309f26b9a38be4a84a7813a0dcd35fa86c466ada4d57640db4d0641dd22af2e564578e852708b725b2f79ffe88985bd09ab26c29bba90b959

Score
10/10
icedid227378761bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

    • Target

      0819bba4f240548fad8b3cf7d3e7615b.dll

    • Size

      534KB

    • MD5

      0819bba4f240548fad8b3cf7d3e7615b

    • SHA1

      898a736a3ee5ad62b5bfaa7008f0482622a440a3

    • SHA256

      2f92393ce47705824b329f3613c2b6936e5e7a6efb4c93f04e6bf0cdc665095a

    • SHA512

      e05aacf3c8851c2309f26b9a38be4a84a7813a0dcd35fa86c466ada4d57640db4d0641dd22af2e564578e852708b725b2f79ffe88985bd09ab26c29bba90b959

    Score
    10/10
    icedid227378761bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks