Overview

overview

10

Static

static

subtract_lost.dll

windows7-x64

10

subtract_lost.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    subtract_lost.png

  • Size

    95KB

  • Sample

    221116-3ng69sdc96

  • MD5

    2281d8971802ab0d1ae4282f26ff95cc

  • SHA1

    8636c460bdd97d8121e1f00f36d0c8b6bf93ac06

  • SHA256

    769cc60e51053a6fefc4e4e167692ef23afab2cd2d6f404ed4fb35b81b82813d

  • SHA512

    2c0c0ccd4f7f54d8b6d013962cba0124b196f50e4ede0ededad08c2ce3f1365a6ce020a88e0dd7c54165335c3a75c72ec6a07860a1542d04e464a3b63a778323

  • SSDEEP

    1536:1y5k7TI5OMPHJ0u25+bCHxMBUZfbKIW4o5mEC6iExd3I+/7CDwrwzLNnIdJDbyHs:z7TI0MBFbCHxMMu45ECXEzYfLtM

Score
10/10
icedid1626240797bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1626240797

C2

aurasantisflork.com

Targets

    • Target

      subtract_lost.png

    • Size

      95KB

    • MD5

      2281d8971802ab0d1ae4282f26ff95cc

    • SHA1

      8636c460bdd97d8121e1f00f36d0c8b6bf93ac06

    • SHA256

      769cc60e51053a6fefc4e4e167692ef23afab2cd2d6f404ed4fb35b81b82813d

    • SHA512

      2c0c0ccd4f7f54d8b6d013962cba0124b196f50e4ede0ededad08c2ce3f1365a6ce020a88e0dd7c54165335c3a75c72ec6a07860a1542d04e464a3b63a778323

    • SSDEEP

      1536:1y5k7TI5OMPHJ0u25+bCHxMBUZfbKIW4o5mEC6iExd3I+/7CDwrwzLNnIdJDbyHs:z7TI0MBFbCHxMMu45ECXEzYfLtM

    Score
    10/10
    icedid1626240797bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks