Overview

overview

10

Static

static

8960t227.6n7.dll

windows7-x64

10

8960t227.6n7.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    8960t227.6n7.exe

  • Size

    91KB

  • Sample

    221111-hel4mshhg4

  • MD5

    e8c3b0775526896858aeaceb1eba7ffd

  • SHA1

    fc770c507fdb67bf294c78466b42719b3dc13253

  • SHA256

    59ecbf50bc1e38864728e19ae15ffead87a59d7274002508656292b057665c63

  • SHA512

    2a338a38af966c7c0b799e96365f9cb7779590f7921cc6faeb1d9be13453a561c32fa5c98733c5566e0c84aced9f68c86fb0c56447327729b4e834962d6be054

  • SSDEEP

    1536:jkmo3Uy3PEXX01u4APFIzO55RGh8WKAYNvWEAueFPCV70W0GIQqcch9ypqlh/vYL:83UyfEXXTKqMh8sYNvWEAnQ90Sqccjyx

Score
10/10
icedid1292139634bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1292139634

C2

oiurkastarting.com

Targets

    • Target

      8960t227.6n7.exe

    • Size

      91KB

    • MD5

      e8c3b0775526896858aeaceb1eba7ffd

    • SHA1

      fc770c507fdb67bf294c78466b42719b3dc13253

    • SHA256

      59ecbf50bc1e38864728e19ae15ffead87a59d7274002508656292b057665c63

    • SHA512

      2a338a38af966c7c0b799e96365f9cb7779590f7921cc6faeb1d9be13453a561c32fa5c98733c5566e0c84aced9f68c86fb0c56447327729b4e834962d6be054

    • SSDEEP

      1536:jkmo3Uy3PEXX01u4APFIzO55RGh8WKAYNvWEAueFPCV70W0GIQqcch9ypqlh/vYL:83UyfEXXTKqMh8sYNvWEAnQ90Sqccjyx

    Score
    10/10
    icedid1292139634bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks