Overview

overview

10

Static

static

10

0973f6f6a3...fb.exe

windows7-x64

10

0973f6f6a3...fb.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    146s
  • max time network
    204s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20220812-enlocale:en-usos:windows10-2004-x64system
  • submitted
    03/10/2022, 07:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    0973f6f6a3150d115f63c023a5208cfb.exe

  • Size

    13KB

  • MD5

    0973f6f6a3150d115f63c023a5208cfb

  • SHA1

    4c5b9ce6d6c3e11f6c11b12fc1465319facc8ea7

  • SHA256

    b3063a902d1acc5bdafb98a7976974ea2430b8d62d8aeb414cc3f2fab190dafa

  • SHA512

    9a7adb738ce42550f85de06578000603cf0e8d8f2b7556ff45c2db22d2b7b8fff79f12c5a3200e11bd6ca9ae01ee263fcc18d370b3d1dd12b1125496f25bdee7

  • SSDEEP

    192:eC+YPv6UOyDqZ1KcMzqTHG+3F+j7rT9z7VYe/7Vd/5A27E0mgGn:eev6UbqZ1K7zX+3q7PEe/7Vd227E0lM

Score
10/10
icedid1776411935bankertrojan

Malware Config

Extracted

Family

icedid

Campaign

1776411935

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\0973f6f6a3150d115f63c023a5208cfb.exe
    "C:\Users\Admin\AppData\Local\Temp\0973f6f6a3150d115f63c023a5208cfb.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    PID:1676

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads