Overview

overview

10

Static

static

b8f99c35c5...e3.dll

windows7_x64

10

b8f99c35c5...e3.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    b8f99c35c5afe185d918a01b4d0114409615d867eef96a2dac297b1c5453d8e3

  • Size

    309KB

  • Sample

    220709-cvqh4sbcek

  • MD5

    5bbe90013dd71d13852c38140aa761f3

  • SHA1

    8290a80fb68c6fba0bed8a584428d728c63da964

  • SHA256

    7dc7edf1ec4766e6ae04dc93ad7024cbebd9a5201d8f6c6982d70e0c76808e96

  • SHA512

    cad71a8bc5b30ec051e1bb7e82fab69d9869187954478cb72f17e40f8c9f07d246780e58dc23ddaaa7840dad413d4df0846e80db4cd98ee413a18022b25793d0

Score
10/10
icedid227378761bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

227378761

C2

blionarywesta.com

Targets

    • Target

      b8f99c35c5afe185d918a01b4d0114409615d867eef96a2dac297b1c5453d8e3

    • Size

      536KB

    • MD5

      ec0baedf6fb813e9d14cc156f72fd8a8

    • SHA1

      30e26572595a5e33821a8f8799e807653fc28f53

    • SHA256

      b8f99c35c5afe185d918a01b4d0114409615d867eef96a2dac297b1c5453d8e3

    • SHA512

      1ad2f24643905b9c97ea2f5394ff614a325bbf247f100a1be5b3745745a6450a5df5fe862e9c65449aa985a04b1855330df4d2804f83c76abf244fa76e2fca63

    Score
    10/10
    icedid227378761bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks