Overview

overview

10

Static

static

5bf39712ce...d6.dll

windows7_x64

10

5bf39712ce...d6.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    5bf39712ce9da4ff23dd8621ebff88d6.dll

  • Size

    671KB

  • Sample

    220710-kv1m3sagbn

  • MD5

    5bf39712ce9da4ff23dd8621ebff88d6

  • SHA1

    786553477d7100d8f9bef7889c11fcbc9cbbe8b3

  • SHA256

    2cd9b1c996463ca8295174726beeae03dc4da9ec8d6de127cc1c093597fa1a9b

  • SHA512

    e7918eea3b3f31b9e0792213f12a282e4d2242a9e121443a89732b9c33f6381975190fcb8812f7f7a392cd6138c0b0f5ef4f4afad23024e06e8459edef5357d6

Score
10/10
icedid1060798742bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

1060798742

C2

carismorth.com

Targets

    • Target

      5bf39712ce9da4ff23dd8621ebff88d6.dll

    • Size

      671KB

    • MD5

      5bf39712ce9da4ff23dd8621ebff88d6

    • SHA1

      786553477d7100d8f9bef7889c11fcbc9cbbe8b3

    • SHA256

      2cd9b1c996463ca8295174726beeae03dc4da9ec8d6de127cc1c093597fa1a9b

    • SHA512

      e7918eea3b3f31b9e0792213f12a282e4d2242a9e121443a89732b9c33f6381975190fcb8812f7f7a392cd6138c0b0f5ef4f4afad23024e06e8459edef5357d6

    Score
    10/10
    icedid1060798742bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks