Overview

overview

10

Static

static

maximally.tmp.dll

windows7-x64

10

maximally.tmp.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    maximally.tmp.exe

  • Size

    91KB

  • Sample

    221112-l9m6zaaa3t

  • MD5

    973c90300aac68b64fdcc53eea3e3042

  • SHA1

    5deea28b7446c6e7f181068db1c10eb6b4db5a0a

  • SHA256

    8f11dedd768f84aca417415ac6aafbae2ce6fcb52e5faf19f348c4b71f87522a

  • SHA512

    78da61c6c6c8481d31caf6b0ff900c21f7fb5957a9410ae29ac3cc6a93e8574c807d71a1ad7490f09e89a93255be54c571b99244b2a79805594372ad06665c73

  • SSDEEP

    1536:Zet0Ij7MlNXRNRLCRw8FBR0Q6xpeweizs2Xm9+WROCzXiSLuhSiy:JInMX7GweBW/0weN22briS4M

Score
10/10
icedid426369791bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

426369791

C2

ahilacarstrupert.com

Targets

    • Target

      maximally.tmp.exe

    • Size

      91KB

    • MD5

      973c90300aac68b64fdcc53eea3e3042

    • SHA1

      5deea28b7446c6e7f181068db1c10eb6b4db5a0a

    • SHA256

      8f11dedd768f84aca417415ac6aafbae2ce6fcb52e5faf19f348c4b71f87522a

    • SHA512

      78da61c6c6c8481d31caf6b0ff900c21f7fb5957a9410ae29ac3cc6a93e8574c807d71a1ad7490f09e89a93255be54c571b99244b2a79805594372ad06665c73

    • SSDEEP

      1536:Zet0Ij7MlNXRNRLCRw8FBR0Q6xpeweizs2Xm9+WROCzXiSLuhSiy:JInMX7GweBW/0weN22briS4M

    Score
    10/10
    icedid426369791bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks