Overview

overview

10

Static

static

imparted.db.dll

windows7-x64

1

imparted.db.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    imparted.db.exe

  • Size

    679KB

  • Sample

    221003-hsm8vscda2

  • MD5

    8214d82abb0300ca02562a59bf1de91e

  • SHA1

    3e652df50f7761e979942e6deab6b5b511ed80d7

  • SHA256

    423c2433f2854310f94740c92ccb0b206a965dad8528261a13cd77a439846fb3

  • SHA512

    bbca4278bc2ecf841db0c60b722ee937c48ebeecf42bf7d7f35e764be1e507bc1e7c8c8b722858a9a3005bce159b0be5400ebd5ab1caef2c2f5cea57addc9ab5

  • SSDEEP

    6144:lg+yhfEfzTxhI43zNOluFa98Hrpi6GLZ/8LxpU61OHMvK8yZ9r/:ldBPRpGLUl1OHM4b/

Score
10/10
icedid2909555027bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2909555027

C2

guversaksi.com

Targets

    • Target

      imparted.db.exe

    • Size

      679KB

    • MD5

      8214d82abb0300ca02562a59bf1de91e

    • SHA1

      3e652df50f7761e979942e6deab6b5b511ed80d7

    • SHA256

      423c2433f2854310f94740c92ccb0b206a965dad8528261a13cd77a439846fb3

    • SHA512

      bbca4278bc2ecf841db0c60b722ee937c48ebeecf42bf7d7f35e764be1e507bc1e7c8c8b722858a9a3005bce159b0be5400ebd5ab1caef2c2f5cea57addc9ab5

    • SSDEEP

      6144:lg+yhfEfzTxhI43zNOluFa98Hrpi6GLZ/8LxpU61OHMvK8yZ9r/:ldBPRpGLUl1OHM4b/

    Score
    10/10
    icedid2909555027bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks