Overview

overview

10

Static

static

sterli0p.dll

windows7-x64

10

sterli0p.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sterli0p.dll

  • Size

    380KB

  • Sample

    220829-w6fmtseeb4

  • MD5

    355dd9f959b5269900881349c5fccb5f

  • SHA1

    f22dc819f0db91a25343c717be8c8e4bed2e4851

  • SHA256

    847e132e6a8a69984368aab200e0f1d68027f07678f7a40cde43c7fa3f64b60c

  • SHA512

    8f7c57aae75b93ed4550baca93d0dd981f9964695911dfe4f27f5e7f26a5a2cefb7364c496de6c577757dd42ee7e61e0938cdcbaa42ccbf8a4a955075c230ef4

  • SSDEEP

    6144:BCjEQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuu8n:UjEQMt24rn2rcI9mk8nKHD24rn2tnHfa

Score
10/10
icedid2260774107bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2260774107

C2

godenfasternow.com

Targets

    • Target

      sterli0p.dll

    • Size

      380KB

    • MD5

      355dd9f959b5269900881349c5fccb5f

    • SHA1

      f22dc819f0db91a25343c717be8c8e4bed2e4851

    • SHA256

      847e132e6a8a69984368aab200e0f1d68027f07678f7a40cde43c7fa3f64b60c

    • SHA512

      8f7c57aae75b93ed4550baca93d0dd981f9964695911dfe4f27f5e7f26a5a2cefb7364c496de6c577757dd42ee7e61e0938cdcbaa42ccbf8a4a955075c230ef4

    • SSDEEP

      6144:BCjEQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuu8n:UjEQMt24rn2rcI9mk8nKHD24rn2tnHfa

    Score
    10/10
    icedid2260774107bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks