Overview

overview

10

Static

static

sterli0p.dll

windows7-x64

10

sterli0p.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sterli0p.dll.exe

  • Size

    380KB

  • Sample

    220830-s9b72acga4

  • MD5

    5fa79f4b22a896526257c0f0a2b4d8e9

  • SHA1

    ff3432956ae8a287229f840a235c46f1a78f2fb8

  • SHA256

    901c6a3aee97d801e41a8219ed72ae5545ecf199d03bd7ba5df539146053503c

  • SHA512

    d0ce9fd9090f4fed42039620c1cd8f3d07d677f9eeee70c55ca51ec4ad6cefdd7d26b0a3045687d00f3cb71b0e44a331f29d0ed79b9d1226ce4418fb01c2e3ea

  • SSDEEP

    6144:dCjHyQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuuw:ojSQMt24rn2rcI9mk8nKHD24rn2tnHfE

Score
10/10
icedid2260774107bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2260774107

C2

godenfasternow.com

Targets

    • Target

      sterli0p.dll.exe

    • Size

      380KB

    • MD5

      5fa79f4b22a896526257c0f0a2b4d8e9

    • SHA1

      ff3432956ae8a287229f840a235c46f1a78f2fb8

    • SHA256

      901c6a3aee97d801e41a8219ed72ae5545ecf199d03bd7ba5df539146053503c

    • SHA512

      d0ce9fd9090f4fed42039620c1cd8f3d07d677f9eeee70c55ca51ec4ad6cefdd7d26b0a3045687d00f3cb71b0e44a331f29d0ed79b9d1226ce4418fb01c2e3ea

    • SSDEEP

      6144:dCjHyQMt24rn2QQcIU9ycLHvomnVomk81Wa+V7HH2424rn2bBnHIsWrXIy4tBuuw:ojSQMt24rn2rcI9mk8nKHD24rn2tnHfE

    Score
    10/10
    icedid2260774107bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks