Overview

overview

10

Static

static

woodshedding.dat.dll

windows7-x64

1

woodshedding.dat.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    woodshedding.dat.dll

  • Size

    679KB

  • Sample

    220928-sdc5fshdbr

  • MD5

    d8fb22479a5e2040efe4e5fe9babc9a5

  • SHA1

    2bd9ff0b955cdb8cbb5387ea2ccd6c3f18f2063b

  • SHA256

    d509316c30616c55957a88a8531878a91f16011b42ab8ff4a5165e395616f8d8

  • SHA512

    d20fc1600094cca7b6521d7622499170118561b30a49d004aca64d1c2da9c6f31cdb823b1f215381002fc9b7f5a5987bf735247ad0c800f50bd772f767e555c9

  • SSDEEP

    6144:ubDGxaxfEfXcB8M8vpjt8ldpCOzHWyNQOvGTD2aGDOnWHICda98Hrm:6kIGMweWaG25OnVC+

Score
10/10
icedid2220668032bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2220668032

C2

alockajilly.com

Targets

    • Target

      woodshedding.dat.dll

    • Size

      679KB

    • MD5

      d8fb22479a5e2040efe4e5fe9babc9a5

    • SHA1

      2bd9ff0b955cdb8cbb5387ea2ccd6c3f18f2063b

    • SHA256

      d509316c30616c55957a88a8531878a91f16011b42ab8ff4a5165e395616f8d8

    • SHA512

      d20fc1600094cca7b6521d7622499170118561b30a49d004aca64d1c2da9c6f31cdb823b1f215381002fc9b7f5a5987bf735247ad0c800f50bd772f767e555c9

    • SSDEEP

      6144:ubDGxaxfEfXcB8M8vpjt8ldpCOzHWyNQOvGTD2aGDOnWHICda98Hrm:6kIGMweWaG25OnVC+

    Score
    10/10
    icedid2220668032bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks