icedid | 55ace25fda086db024b45a0cb4ed0adea4da42791165ba05b992dc17625790c7 | Triage

Submit
Reports

Overview

overview

Static

static

almoez_inv...2.html

windows10-2004-x64

Sharing

General

Target

almoez_invoice_10.04.22.html
Size

1.6MB
Sample

221012-trqs5sbahn
MD5

4d698ccde1e4b6c42b0e3b59c5beabd5
SHA1

892e2ce77db2a8a9d5b79cda2b19577f6aaf10b6
SHA256

55ace25fda086db024b45a0cb4ed0adea4da42791165ba05b992dc17625790c7
SHA512

1f1d5ef1248ed3a7d690a91553d2c22d5e536ecdeae1c3248262dee6e5fee911ded45b6a292f75daf69f3efc0375a0834cfecc139366a510f53c7a5bdb5362a7
SSDEEP

24576:n1txrjFE2tIpW0o3lnqah830YRvkaEvB2PFTVBloA3OIDRmgtxF6EuwZ588b5v6Y:djFRtWk1nBE+TJE9oA1mgBduwlbVFrf

Score

10^/10

icedid 140125615 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

almoez_invoice_10.04.22.html

Resource

win10v2004-20220812-en

icedid 140125615 banker loader trojan

windows10-2004-x64

14 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Campaign

140125615

C2

fireskupigar.com

Targets

- Target
  
  almoez_invoice_10.04.22.html
- Size
  
  1.6MB
- MD5
  
  4d698ccde1e4b6c42b0e3b59c5beabd5
- SHA1
  
  892e2ce77db2a8a9d5b79cda2b19577f6aaf10b6
- SHA256
  
  55ace25fda086db024b45a0cb4ed0adea4da42791165ba05b992dc17625790c7
- SHA512
  
  1f1d5ef1248ed3a7d690a91553d2c22d5e536ecdeae1c3248262dee6e5fee911ded45b6a292f75daf69f3efc0375a0834cfecc139366a510f53c7a5bdb5362a7
- SSDEEP
  
  24576:n1txrjFE2tIpW0o3lnqah830YRvkaEvB2PFTVBloA3OIDRmgtxF6EuwZ588b5v6Y:djFRtWk1nBE+TJE9oA1mgBduwlbVFrf
Score

10^/10

icedid 140125615 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Peripheral Device Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid140125615bankerloadertrojan

© 2018-2024

Terms | Privacy