Overview

overview

10

Static

static

studio.dll

windows7-x64

10

studio.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    studio.dat

  • Size

    479KB

  • Sample

    221005-slhd5sehfk

  • MD5

    af94d84f4a38ff1b85bb03b056057bd8

  • SHA1

    80fd133209f7ebf1d3e8fbf3f31d020da356fec0

  • SHA256

    1012395039d6528777157a54b934b8f393a2c883a78259ec3a6650301fa6e232

  • SHA512

    0f7cf66d31315b9e6800e25ad92ad3a3f458a2627ddae5424741742a489b0268233f67908ea85d3043db0c5c419f0fdc7cc33299eff0c2d71ce9918549dffa90

  • SSDEEP

    6144:Tu+Y+79+lSS5lrtyWz2RcnzEecili1nKcp4dbcYY7Dq79Yfw7CFwn/C6m3n:TTY+5CyWz2JnKcp49nUwn4

Score
10/10
icedid2348925224bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2348925224

C2

fireskupigar.com

Targets

    • Target

      studio.dat

    • Size

      479KB

    • MD5

      af94d84f4a38ff1b85bb03b056057bd8

    • SHA1

      80fd133209f7ebf1d3e8fbf3f31d020da356fec0

    • SHA256

      1012395039d6528777157a54b934b8f393a2c883a78259ec3a6650301fa6e232

    • SHA512

      0f7cf66d31315b9e6800e25ad92ad3a3f458a2627ddae5424741742a489b0268233f67908ea85d3043db0c5c419f0fdc7cc33299eff0c2d71ce9918549dffa90

    • SSDEEP

      6144:Tu+Y+79+lSS5lrtyWz2RcnzEecili1nKcp4dbcYY7Dq79Yfw7CFwn/C6m3n:TTY+5CyWz2JnKcp49nUwn4

    Score
    10/10
    icedid2348925224bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks