icedid | a930c4e91e95095ece02d7458c0ebcf911c31e6d82fe53432c5ea121a6cdc930 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

LpQwJw.dll

windows10-1703-x64

Sharing

General

Target

LpQwJw.dll
Size

479KB
Sample

221007-r3h7bscga5
MD5

ff0659f9c55b7bf3c2571b0ac3336db4
SHA1

a4f5d4eb04ee20ca7537bea06f8b5a40a263f46f
SHA256

a930c4e91e95095ece02d7458c0ebcf911c31e6d82fe53432c5ea121a6cdc930
SHA512

06830cc7b396cbca068a58f8533a8d5c53f80a09221941df3c6388701a3cf567bea8e6d62c3793607ccf648c639d08cc9917a144731796bfc45be040e7b743f3
SSDEEP

6144:jT9EzyOHtyKDRZFLincnzifwl1nKcpE+F6SpmfSJOea/89X7VLFdmlD20m9W:jxEzyKyyv4SnKcpzXFI20p

Score

10^/10

icedid 140125615 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

LpQwJw.dll

Resource

win10-20220812-en

icedid 140125615 banker loader trojan

windows10-1703-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

icedid

Campaign

140125615

C2

fireskupigar.com

Targets

- Target
  
  LpQwJw.dll
- Size
  
  479KB
- MD5
  
  ff0659f9c55b7bf3c2571b0ac3336db4
- SHA1
  
  a4f5d4eb04ee20ca7537bea06f8b5a40a263f46f
- SHA256
  
  a930c4e91e95095ece02d7458c0ebcf911c31e6d82fe53432c5ea121a6cdc930
- SHA512
  
  06830cc7b396cbca068a58f8533a8d5c53f80a09221941df3c6388701a3cf567bea8e6d62c3793607ccf648c639d08cc9917a144731796bfc45be040e7b743f3
- SSDEEP
  
  6144:jT9EzyOHtyKDRZFLincnzifwl1nKcpE+F6SpmfSJOea/89X7VLFdmlD20m9W:jxEzyKyyv4SnKcpzXFI20p
Score

10^/10

icedid 140125615 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid140125615bankerloadertrojan

© 2018-2025

Terms | Privacy