Overview

overview

10

Static

static

ecclesiastical.dll

windows7-x64

10

ecclesiastical.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ecclesiastical.dat

  • Size

    479KB

  • Sample

    221005-tfhndsfaeq

  • MD5

    5ccfaa1652d1afb0bc94d0a0fc4ec2b0

  • SHA1

    95930ab67a09ddfc8531a3d8b722e965827686c9

  • SHA256

    b09777eb59401d2b2cb0b4b9f0f8fe25a351248e5b15d2ebb2b4b128e85e56e0

  • SHA512

    b901d09c214959d9f2545de9f45613c2033953c1a9f68b5778c1de165355dc36100411714453422fe50abda96e1ba0c7461ec2d2bc83c86eab0a344488979550

  • SSDEEP

    6144:rJpRkqvN6dQM9eyjcnzeX1GmQnehuuS8D52XJ2hfwT7/R7NlFm81nKcpWlD:7RkXEyXLQEF2V5nKcp6D

Score
10/10
icedid2348925224bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

2348925224

C2

fireskupigar.com

Targets

    • Target

      ecclesiastical.dat

    • Size

      479KB

    • MD5

      5ccfaa1652d1afb0bc94d0a0fc4ec2b0

    • SHA1

      95930ab67a09ddfc8531a3d8b722e965827686c9

    • SHA256

      b09777eb59401d2b2cb0b4b9f0f8fe25a351248e5b15d2ebb2b4b128e85e56e0

    • SHA512

      b901d09c214959d9f2545de9f45613c2033953c1a9f68b5778c1de165355dc36100411714453422fe50abda96e1ba0c7461ec2d2bc83c86eab0a344488979550

    • SSDEEP

      6144:rJpRkqvN6dQM9eyjcnzeX1GmQnehuuS8D52XJ2hfwT7/R7NlFm81nKcpWlD:7RkXEyXLQEF2V5nKcp6D

    Score
    10/10
    icedid2348925224bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks