Overview

overview

10

Static

static

uninhabitable.tmp.dll

windows7-x64

10

uninhabitable.tmp.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    uninhabitable.tmp.exe

  • Size

    91KB

  • Sample

    221112-mc3qtseg98

  • MD5

    50a3d1ef3ef0d40ca9a7867befacbb8d

  • SHA1

    12cb98ef6110082f94837b094fdf0adc3bbc1aa7

  • SHA256

    e910ffd16e3cab8007c97409e8fe9afcc3e50d363d4caa6cd8d4cedc3f0444d4

  • SHA512

    fd970b8119e3f19cb7653ce1a617873fef2ef9bc2df1713bc6d13c0f16be98ae725ee92f1c513bec1c6cd999bd6dbc2f8d4f2b41b71dc2963f889bc4a0cd0cfd

  • SSDEEP

    1536:9XREXIBJWIsBMwYrUvjwI7CdiZEkgusxGEgG+JWx+1GlR:ficWIsBiUcI7CWrgus49KxJlR

Score
10/10
icedid426369791bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

426369791

C2

ahilacarstrupert.com

Targets

    • Target

      uninhabitable.tmp.exe

    • Size

      91KB

    • MD5

      50a3d1ef3ef0d40ca9a7867befacbb8d

    • SHA1

      12cb98ef6110082f94837b094fdf0adc3bbc1aa7

    • SHA256

      e910ffd16e3cab8007c97409e8fe9afcc3e50d363d4caa6cd8d4cedc3f0444d4

    • SHA512

      fd970b8119e3f19cb7653ce1a617873fef2ef9bc2df1713bc6d13c0f16be98ae725ee92f1c513bec1c6cd999bd6dbc2f8d4f2b41b71dc2963f889bc4a0cd0cfd

    • SSDEEP

      1536:9XREXIBJWIsBMwYrUvjwI7CdiZEkgusxGEgG+JWx+1GlR:ficWIsBiUcI7CWrgus49KxJlR

    Score
    10/10
    icedid426369791bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks