icedid | 2f92393ce47705824b329f3613c2b6936e5e7a6efb4c93f04e6bf0cdc665095a | Triage

Submit
Reports

Overview

overview

Static

static

0819bba4f2...5b.dll

windows7_x64

0819bba4f2...5b.dll

windows10-2004_x64

Sharing

General

Target

0819bba4f240548fad8b3cf7d3e7615b.dll
Size

534KB
Sample

220707-vwzghsedg3
MD5

0819bba4f240548fad8b3cf7d3e7615b
SHA1

898a736a3ee5ad62b5bfaa7008f0482622a440a3
SHA256

2f92393ce47705824b329f3613c2b6936e5e7a6efb4c93f04e6bf0cdc665095a
SHA512

e05aacf3c8851c2309f26b9a38be4a84a7813a0dcd35fa86c466ada4d57640db4d0641dd22af2e564578e852708b725b2f79ffe88985bd09ab26c29bba90b959

Score

10^/10

icedid 227378761 banker loader suricata trojan

Static task

static1

Behavioral task

behavioral1

Sample

0819bba4f240548fad8b3cf7d3e7615b.dll

Resource

win7-20220414-en

icedid 227378761 banker loader suricata trojan

windows7_x64

0 signatures

0 seconds

Behavioral task

behavioral2

Sample

0819bba4f240548fad8b3cf7d3e7615b.dll

Resource

win10v2004-20220414-en

icedid 227378761 banker loader suricata trojan

windows10-2004_x64

0 signatures

0 seconds

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

- Target
  
  0819bba4f240548fad8b3cf7d3e7615b.dll
- Size
  
  534KB
- MD5
  
  0819bba4f240548fad8b3cf7d3e7615b
- SHA1
  
  898a736a3ee5ad62b5bfaa7008f0482622a440a3
- SHA256
  
  2f92393ce47705824b329f3613c2b6936e5e7a6efb4c93f04e6bf0cdc665095a
- SHA512
  
  e05aacf3c8851c2309f26b9a38be4a84a7813a0dcd35fa86c466ada4d57640db4d0641dd22af2e564578e852708b725b2f79ffe88985bd09ab26c29bba90b959
Score

10^/10

icedid 227378761 banker loader suricata trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata: ET MALWARE Win32/IcedID Request Cookie
  suricata
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid227378761bankerloadersuricatatrojan

behavioral2

icedid227378761bankerloadersuricatatrojan

© 2018-2024

Terms | Privacy