Overview

overview

10

Static

static

sterli0p.dll

windows7-x64

10

sterli0p.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sterli0p.dll.exe

  • Size

    380KB

  • Sample

    220830-m59pvahdd9

  • MD5

    f8c069a21e931cb148c44d33e57e5efa

  • SHA1

    e35c92182ab065f203dd7da7407adc8c2eac52f6

  • SHA256

    c27b556d297a3c6d6c3e4c5b278d07bdf7f5477a979f817d8c0750aff4511215

  • SHA512

    9aae5389192965c7a6cbbd2a248e68418fe710c21673c076c7c0be8984db4618ff526de7eb593ddeecb25fa07f08585bcf487a44f35f0f58700a1c8666466183

  • SSDEEP

    6144:VWV/Oz/2ucWBj0NM24rn2whH2paneB6W69yfue9+P024rn2XQ4LHvomnVyAy7SsT:g/O3ckjp24rn2whHdneB6WXue9R24rnj

Score
10/10
icedid2260774107bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2260774107

C2

godenfasternow.com

Targets

    • Target

      sterli0p.dll.exe

    • Size

      380KB

    • MD5

      f8c069a21e931cb148c44d33e57e5efa

    • SHA1

      e35c92182ab065f203dd7da7407adc8c2eac52f6

    • SHA256

      c27b556d297a3c6d6c3e4c5b278d07bdf7f5477a979f817d8c0750aff4511215

    • SHA512

      9aae5389192965c7a6cbbd2a248e68418fe710c21673c076c7c0be8984db4618ff526de7eb593ddeecb25fa07f08585bcf487a44f35f0f58700a1c8666466183

    • SSDEEP

      6144:VWV/Oz/2ucWBj0NM24rn2whH2paneB6W69yfue9+P024rn2XQ4LHvomnVyAy7SsT:g/O3ckjp24rn2whHdneB6WXue9R24rnj

    Score
    10/10
    icedid2260774107bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks