Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

agency_kep...ed.dll

windows7-x64

10

agency_kep...ed.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    agency_kepped_jounced.db

  • Size

    56KB

  • Sample

    221019-wnj8asahf3

  • MD5

    3e1b72b890f33d2e4103ba4d8b355232

  • SHA1

    d2dcc8c99b63ba04d32ad6dfa32ad232c1c1744c

  • SHA256

    2dee42403c2f403a9cfcb34ca951a8e35acf790186892da646f5640e94b0195c

  • SHA512

    7d887b6f57d77a1d1c612fe137e82449c2e3f3b3ea0c9c051e49dee30253e81437617b3083ad96585526937575f86af70726a8b57c697e32062ff755b55b4f64

  • SSDEEP

    1536:vEJQEtAoXSQ4Vz3nGDS2+abcLNpjx/NyhqH15QoArSyACXg:MJLjXSQ636dKchqzQx

Score
10/10
icedid56237520bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

56237520

C2

tablearmestion.com

Targets

    • Target

      agency_kepped_jounced.db

    • Size

      56KB

    • MD5

      3e1b72b890f33d2e4103ba4d8b355232

    • SHA1

      d2dcc8c99b63ba04d32ad6dfa32ad232c1c1744c

    • SHA256

      2dee42403c2f403a9cfcb34ca951a8e35acf790186892da646f5640e94b0195c

    • SHA512

      7d887b6f57d77a1d1c612fe137e82449c2e3f3b3ea0c9c051e49dee30253e81437617b3083ad96585526937575f86af70726a8b57c697e32062ff755b55b4f64

    • SSDEEP

      1536:vEJQEtAoXSQ4Vz3nGDS2+abcLNpjx/NyhqH15QoArSyACXg:MJLjXSQ636dKchqzQx

    Score
    10/10
    icedid56237520bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks