icedid | 923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2 | Triage

Submit
Reports

Overview

overview

Static

static

923715af8f...e2.dll

windows7-x64

923715af8f...e2.dll

windows10-2004-x64

Analysis

max time kernel
1144s
max time network
1147s
platform
windows10-2004_x64
resource
win10v2004-20220901-en
resource tags

arch:x64arch:x86image:win10v2004-20220901-enlocale:en-usos:windows10-2004-x64system
submitted
17-11-2022 20:00

Sharing

Static task

static1

Behavioral task

behavioral1

Sample

923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2.dll

Resource

win7-20220812-en

icedid 1139942657 banker loader trojan

windows7-x64

1 signatures

1200 seconds

Behavioral task

behavioral2

Sample

923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2.dll

Resource

win10v2004-20220901-en

icedid 1139942657 banker loader trojan

windows10-2004-x64

1 signatures

1200 seconds

Report Analysis Logs

General

Target

923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2.dll
Size

217KB
MD5

0e0743ab328d6e5447bbc8121affd1aa
SHA1

8a5c7731980d88418afbfe3b866929d853b50dc4
SHA256

923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2
SHA512

b5c7e3d1163d783899cff605131d25c5bce3e3fe26421df9d55ae531ada0bb9507f7377d3d7e37a65b7f97192117830bd5518e7d8a76e09a95ade79231f4a229
SSDEEP

6144:cFB3c8jJxDxKR4GhcYoAMXJfBWTLRXlkelohEz:Ym8fDLKoevRVkeloW

Score

10^/10

icedid 1139942657 banker loader trojan

Malware Config

Extracted

Family

icedid

Campaign

1139942657

C2

bayernbadabum.com

Signatures

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

Processes

C:\Windows\system32\regsvr32.exe
regsvr32 /s C:\Users\Admin\AppData\Local\Temp\923715af8f2e49242e18210c143ffd69300cdf675f61ae33c2f2fcbab6df07e2.dll
1⤵
PID:4848

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

memory/4848-132-0x0000000000DB0000-0x0000000000DB9000-memory.dmp

Filesize
36KB

Download

© 2018-2024

Terms | Privacy