Overview

overview

10

Static

static

c596833565...0d.dll

windows7_x64

10

c596833565...0d.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c596833565a9e75705a839661a3a480d.dll

  • Size

    534KB

  • Sample

    220708-hqcdksebbm

  • MD5

    c596833565a9e75705a839661a3a480d

  • SHA1

    e6c5faebf1b4575dd829645d873c5e2cc596e54a

  • SHA256

    c6eea5c4b6b567392f133f7b5f98221961f9d654abd14ee53f8bffd7611bd264

  • SHA512

    6062446cafe1df6e0241546bf01ec9e67a053a0f54d000756135f2b3d2c30982b544705a65e8bc99c1aac3d9997e1ec25c9432a93265bf3bacd5fc818e0adef3

Score
10/10
icedid227378761bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

    • Target

      c596833565a9e75705a839661a3a480d.dll

    • Size

      534KB

    • MD5

      c596833565a9e75705a839661a3a480d

    • SHA1

      e6c5faebf1b4575dd829645d873c5e2cc596e54a

    • SHA256

      c6eea5c4b6b567392f133f7b5f98221961f9d654abd14ee53f8bffd7611bd264

    • SHA512

      6062446cafe1df6e0241546bf01ec9e67a053a0f54d000756135f2b3d2c30982b544705a65e8bc99c1aac3d9997e1ec25c9432a93265bf3bacd5fc818e0adef3

    Score
    10/10
    icedid227378761bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks