Overview

overview

10

Static

static

3d90bd7d3a...34.dll

windows7_x64

10

3d90bd7d3a...34.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    3d90bd7d3a652090693571c901ba7234.dll

  • Size

    813KB

  • Sample

    220711-s1w6vaadep

  • MD5

    3d90bd7d3a652090693571c901ba7234

  • SHA1

    b1c1c40a877745cbd300d9b952eda2c657b103f3

  • SHA256

    7be9d46382e6b03c2d29f85755e10fdc755a91c7d646331214a3717c8259f120

  • SHA512

    e37f1567b94f0ec05a23b85edfe1936bf8dbf0bff9b6a5ae8f0798ef60aae77206810980bdb9103d76823370b8b2488aadba68702501724c21568950e8f465ed

Score
10/10
icedid4105767744bankerloadersuricatatrojan

Malware Config

Extracted

Family

icedid

Campaign

4105767744

C2

frodupshopping.com

Targets

    • Target

      3d90bd7d3a652090693571c901ba7234.dll

    • Size

      813KB

    • MD5

      3d90bd7d3a652090693571c901ba7234

    • SHA1

      b1c1c40a877745cbd300d9b952eda2c657b103f3

    • SHA256

      7be9d46382e6b03c2d29f85755e10fdc755a91c7d646331214a3717c8259f120

    • SHA512

      e37f1567b94f0ec05a23b85edfe1936bf8dbf0bff9b6a5ae8f0798ef60aae77206810980bdb9103d76823370b8b2488aadba68702501724c21568950e8f465ed

    Score
    10/10
    icedid4105767744bankerloadersuricatatrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata: ET MALWARE Win32/IcedID Request Cookie

      suricata

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks