Overview

overview

10

Static

static

sluice.db.dll

windows7-x64

10

sluice.db.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    sluice.db.dll

  • Size

    452KB

  • Sample

    220923-tbnzlshdh6

  • MD5

    302cb1386a0434db8e977dd0f49ac855

  • SHA1

    6131193cbe219cf5e7c74f4b7aaf18ec2f334f1a

  • SHA256

    fd26652f44780a2e4245e3d391b9ef53e4ef03a01c1176f0eb759262ac509bdd

  • SHA512

    44210755e7020c529a4a9f46ac4dc9fad214c39deeb3892430b8ad334f08aec4783b6cc72948927390edb483931e48f03f8308438de7eb2ce9c1f87534e2df6a

  • SSDEEP

    6144:4D5bfQULr+agxZ49J//pZV2jCJOuIBJ0vP:4DN5vgxZ6/RmuJOuWOP

Score
10/10
icedid2349072319bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2349072319

C2

sebdgoldingor.com

Targets

    • Target

      sluice.db.dll

    • Size

      452KB

    • MD5

      302cb1386a0434db8e977dd0f49ac855

    • SHA1

      6131193cbe219cf5e7c74f4b7aaf18ec2f334f1a

    • SHA256

      fd26652f44780a2e4245e3d391b9ef53e4ef03a01c1176f0eb759262ac509bdd

    • SHA512

      44210755e7020c529a4a9f46ac4dc9fad214c39deeb3892430b8ad334f08aec4783b6cc72948927390edb483931e48f03f8308438de7eb2ce9c1f87534e2df6a

    • SSDEEP

      6144:4D5bfQULr+agxZ49J//pZV2jCJOuIBJ0vP:4DN5vgxZ6/RmuJOuWOP

    Score
    10/10
    icedid2349072319bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks