Overview

overview

10

Static

static

6849p005.dll

windows7-x64

10

6849p005.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    6849p005.dll.exe

  • Size

    91KB

  • Sample

    221111-gvwscahfh8

  • MD5

    e93adbd7ef31f56b0debb57d3f5c0d6a

  • SHA1

    5e116882001fcbe343d409d742d08151c18ed433

  • SHA256

    01a0c5704317c28d31607db9a2b484faa214dd3b0781fa201ba27d3d7dbb9b60

  • SHA512

    d0dca9e8bcc6109aeef9ca3a3dce4372c773c6d5cad15f8d05e4f5527e635abb685000b64e38fd8207904a457d2d542692b94123bcbd2d698d266f66fc70a28a

  • SSDEEP

    1536:Skmo3Uy3PEXX01u4APFIzO55RGh8WKAYNvWEAueFPCV70W0GIQqcch9ypqlh/vYL:P3UyfEXXTKqMh8sYNvWEAnQ90Sqccjyx

Score
10/10
icedid1292139634bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1292139634

C2

oiurkastarting.com

Targets

    • Target

      6849p005.dll.exe

    • Size

      91KB

    • MD5

      e93adbd7ef31f56b0debb57d3f5c0d6a

    • SHA1

      5e116882001fcbe343d409d742d08151c18ed433

    • SHA256

      01a0c5704317c28d31607db9a2b484faa214dd3b0781fa201ba27d3d7dbb9b60

    • SHA512

      d0dca9e8bcc6109aeef9ca3a3dce4372c773c6d5cad15f8d05e4f5527e635abb685000b64e38fd8207904a457d2d542692b94123bcbd2d698d266f66fc70a28a

    • SSDEEP

      1536:Skmo3Uy3PEXX01u4APFIzO55RGh8WKAYNvWEAueFPCV70W0GIQqcch9ypqlh/vYL:P3UyfEXXTKqMh8sYNvWEAnQ90Sqccjyx

    Score
    10/10
    icedid1292139634bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks