icedid | 6358d9acb3124a4f0f69bc6fc481c2194a1fe3fdd5d95adcac38ae228ddf6b12 | Triage

Submit
Reports

Overview

overview

Static

static

8bac7df546...4e.zip

windows10-2004-x64

Resubmissions

26-09-2022 21:37

220926-1gt65sdbcq 10

26-09-2022 21:31

220926-1c217acad8 1

Sharing

General

Target

8bac7df54648d64d943b80706db9de86ec5787d7cf3b330e860972568d100c4e.zip
Size

294KB
Sample

220926-1gt65sdbcq
MD5

6296b39a811f6510e852218aa274f25e
SHA1

399ee66bd41553e31f9fb8337b609925934f9ec5
SHA256

6358d9acb3124a4f0f69bc6fc481c2194a1fe3fdd5d95adcac38ae228ddf6b12
SHA512

f3f8be5e24af1858341cfd42441dd4e9a5392810e245820e0f318f3d2a972db84f3c321980524c0298dca38064271fb2038afcce41c84bd9dae5bca81896234d
SSDEEP

6144:NPeas3zuOf7gTZ90DgOLNGIr7qnuZoHkbDjAWcPb0DOBdJVF2BO5SsT:1dsfMTZOUu9X66ZbDjBcTpBdJGeT

Score

10^/10

icedid 2537954433 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

8bac7df54648d64d943b80706db9de86ec5787d7cf3b330e860972568d100c4e.zip

Resource

win10v2004-20220812-en

icedid 2537954433 banker loader trojan

windows10-2004-x64

12 signatures

600 seconds

Malware Config

Extracted

Family

icedid

Campaign

2537954433

C2

scainznorka.com

Targets

- Target
  
  8bac7df54648d64d943b80706db9de86ec5787d7cf3b330e860972568d100c4e.zip
- Size
  
  293KB
- MD5
  
  21f42191d0705e7d21a3631cfcb9696d
- SHA1
  
  28b46f4b6b3431e70b42fd9077152e892bfad0b5
- SHA256
  
  8bac7df54648d64d943b80706db9de86ec5787d7cf3b330e860972568d100c4e
- SHA512
  
  bbb2d2ad3f44c788ae132232ebabd6852f71f50b4be4dc996ec94f8a67f8165ffc0f2ab04d6f76e3806bdc59c84269d0e7efd7916efae757e08f1dd06dd852a1
- SSDEEP
  
  6144:hG+4B0OYfyppAYMk7Lx7nu+S73gOINHRrAqkIE:k+YfCmytaxAl
Score

10^/10

icedid 2537954433 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid2537954433bankerloadertrojan

© 2018-2024

Terms | Privacy