Overview

overview

10

Static

static

stenciling.db.dll

windows7-x64

10

stenciling.db.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    stenciling.db.exe

  • Size

    532KB

  • Sample

    220926-x1g45schfr

  • MD5

    908846527f104b1f0aa5d4856716b682

  • SHA1

    877c816a605450a86b6a24fce3977a693f60b4b0

  • SHA256

    abc0382a20c86144086e39ccf107bb7702bde07dcc66a06967a01bc15f6a1432

  • SHA512

    5c07ff9026a04b5ac10da2fad12376c1bbf759a6c88ce91511feedeaad351366338e3f1f93e5c56d6270654bbc2f1a13e88feed12a0bc788d6305540c3a7ee52

  • SSDEEP

    6144:sEJT/WWRn8SwytzDTvCrQEgPL601iSvfkAierdcLh3lT:sEIypvCsbt1lvcFLvT

Score
10/10
icedid2537954433bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2537954433

C2

scainznorka.com

Targets

    • Target

      stenciling.db.exe

    • Size

      532KB

    • MD5

      908846527f104b1f0aa5d4856716b682

    • SHA1

      877c816a605450a86b6a24fce3977a693f60b4b0

    • SHA256

      abc0382a20c86144086e39ccf107bb7702bde07dcc66a06967a01bc15f6a1432

    • SHA512

      5c07ff9026a04b5ac10da2fad12376c1bbf759a6c88ce91511feedeaad351366338e3f1f93e5c56d6270654bbc2f1a13e88feed12a0bc788d6305540c3a7ee52

    • SSDEEP

      6144:sEJT/WWRn8SwytzDTvCrQEgPL601iSvfkAierdcLh3lT:sEIypvCsbt1lvcFLvT

    Score
    10/10
    icedid2537954433bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks