General

  • Target

    agency_kepped_jounced.db

  • Size

    56KB

  • Sample

    221019-wnj8asahf3

  • MD5

    3e1b72b890f33d2e4103ba4d8b355232

  • SHA1

    d2dcc8c99b63ba04d32ad6dfa32ad232c1c1744c

  • SHA256

    2dee42403c2f403a9cfcb34ca951a8e35acf790186892da646f5640e94b0195c

  • SHA512

    7d887b6f57d77a1d1c612fe137e82449c2e3f3b3ea0c9c051e49dee30253e81437617b3083ad96585526937575f86af70726a8b57c697e32062ff755b55b4f64

  • SSDEEP

    1536:vEJQEtAoXSQ4Vz3nGDS2+abcLNpjx/NyhqH15QoArSyACXg:MJLjXSQ636dKchqzQx

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    56237520

  • C2

    tablearmestion.com

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Blocklisted process makes network request
