Extracted

• • Target

    d3c10d56-b1d4-4523-a72c-ff3967eebaab.html

  • Size

    246KB

  • MD5

    ee33156d9f9a49c3d045532635ba24d2

  • SHA1

    daf619fa3c91577dd7c6667a4be02153e5e87fd9

  • SHA256

    f3f0e8f3f1c21001acb54f2d576db65d55eacf2c24145625e0678a8f437c571e

  • SHA512

    81ebcf146cf8a89438cfe197826107755dbec50ed87026c3a3ff0efedde11cc4b56535ccb38c7a20266c801fb71e9a3168fcffdc19aa76e801bf13656ee2bce7

  • SSDEEP

    6144:KK3a2FgNFhEjQZpSem3N/DkSf3Yx1VJSxt+ooYur:KK3a8QzoAK3Yx3JSxcY2

  Score

  10^/10

  icedid533886235bankerloaderpersistencetrojan

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid

  • Blocklisted process makes network request

  • Loads dropped DLL

  • Adds Run key to start application

    persistence

  • Enumerates connected drives

    Attempts to read the root path of hard drives other than the default C: drive.

  behavioral1