Overview

overview

10

Static

static

ver123.dll

windows7-x64

10

ver123.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    ver123.dll.exe

  • Size

    96KB

  • Sample

    221115-axxdbsaf7t

  • MD5

    c002be28e6c72106ce93f8afed7ddba7

  • SHA1

    533ef4b2b8fcbe8cf8842ba7a9b35c530cfd1e33

  • SHA256

    77f25fef713c0e8c269c71f67d6c2aa162601ef4e41433777f6c4a131528eebb

  • SHA512

    c6239328a887c04bdbf589ddb055d530e13b9448eec24ae1cc834eeaeecb91810fa011939230683e984ff14bd0409c8687253d0f17c165626432fb679d4d784c

  • SSDEEP

    3072:zhsRYxpnZaiZuko6XK1DK+hfN/bfw/5hT:txZpkDKo1TfI

Score
10/10
icedid1609463178bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1609463178

C2

trolspeaksunt.com

Targets

    • Target

      ver123.dll.exe

    • Size

      96KB

    • MD5

      c002be28e6c72106ce93f8afed7ddba7

    • SHA1

      533ef4b2b8fcbe8cf8842ba7a9b35c530cfd1e33

    • SHA256

      77f25fef713c0e8c269c71f67d6c2aa162601ef4e41433777f6c4a131528eebb

    • SHA512

      c6239328a887c04bdbf589ddb055d530e13b9448eec24ae1cc834eeaeecb91810fa011939230683e984ff14bd0409c8687253d0f17c165626432fb679d4d784c

    • SSDEEP

      3072:zhsRYxpnZaiZuko6XK1DK+hfN/bfw/5hT:txZpkDKo1TfI

    Score
    10/10
    icedid1609463178bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks