General

  • Target

    8429379928.zip

  • Size

    491KB

  • Sample

    221118-1l62hade6s

  • MD5

    6172159644c3e9388a774378538889db

  • SHA1

    6d75102808d0c7717976e031bbc061603ba4a094

  • SHA256

    3ffe7587dd72cd9ecf496b6ba46667e5293f87761184779e54f96212cd1d453f

  • SHA512

    ad2cec6eb9ee0f921d0ea2fb3a387d923c483f5647e81876f6d4a829b3a4842fc30b53733e16292e6e0f45e5af6673864da49f04a25bcc9455d1c1a6bcab616b

  • SSDEEP

    12288:R167Al5iNIgqkWm2tU6q+70jOrQD7exJ/7LOn2UdBfMv4brnX5:Rc7ASgkWHWF+7G4XOnZnH3X5

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    181658900

  • C2

    asiksliopakt.com

Extracted

  • Family

    icedid

  • Campaign

    1930527392

  • C2

    starnaddplenumsak.com

Targets

    • Target

      96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9

    • Size

      560KB

    • MD5

      d997fb33d0ad2cc1ddf6214af84d4a2a

    • SHA1

      175026fc7ba8c7b0566264723561cca250f48f07

    • SHA256

      96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9

    • SHA512

      ff414cbdbe82594d599ca487f9ddba98593270d98dd2a4eee4c0f8703200be08264d17a77836ab4421a5f0614a06ac97b66bb00bd4ecca6df0ed6abf2fc9e45a

    • SSDEEP

      6144:AQJt0hn3E6U3DHpwKyLmKyLmKyL36cYV6b4/O47KkOPowb9wZTR:Du1spwkk9UVT7twRaV

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • Target

      c6aafa6b32ac91908ee37207c6feb4cef74aa8e9b82e70c1e58e5691a9319c60

    • Size

      735KB

    • MD5

      066232e9a5c55c8b3c7cac91de55d747

    • SHA1

      aa52f8ce282c111335b943a7c6b8191a17f99018

    • SHA256

      c6aafa6b32ac91908ee37207c6feb4cef74aa8e9b82e70c1e58e5691a9319c60

    • SHA512

      0da3276e1735d2e5f4008d6a6e3f06238362d9cadef69d7e76e177c7a96297972eae61d2176f12ccf27d1c515461d1ee6342cc303d7564aa593e73447f9cdeb5

    • SSDEEP

      12288:7A09SCX6XZXYnXq4XC6EWpwNkQimxoQDRjL0wzU/1:009SCX6XhWvwhyQRRcwzU/1

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
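The report above gives three file hashes (the ZIP and the two extracted payloads) and two IcedID C2 domains with their campaign IDs. The script below is an added example, not part of the sandbox report, showing how a responder would turn those values into a check: it hashes a file in one pass and compares it against the report (a SHA-256 match is treated as a strong hit, an MD5- or SHA-1-only match as weak, since those algorithms have known collisions), and it scans DNS query logs for the C2 domains, including subdomains. The DNS log format and the sample lines are constructed for the example; the SHA-512 and SSDEEP values are left out of the lookup table for brevity.

```python
"""Match files and DNS logs against the IcedID indicators in the report.

Added example; the hash values and C2 domains are copied from the report,
the DNS log format and sample lines are constructed.
"""
import hashlib
import re
import sys

# Indicators copied from the report (MD5/SHA-1/SHA-256 only).
REPORT_HASHES = {
    "8429379928.zip": {
        "md5": "6172159644c3e9388a774378538889db",
        "sha1": "6d75102808d0c7717976e031bbc061603ba4a094",
        "sha256": "3ffe7587dd72cd9ecf496b6ba46667e5293f87761184779e54f96212cd1d453f",
    },
    "96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9": {
        "md5": "d997fb33d0ad2cc1ddf6214af84d4a2a",
        "sha1": "175026fc7ba8c7b0566264723561cca250f48f07",
        "sha256": "96849c71c8d88d020bb2fdb44faf3c8a4e1c9a6e2c1126016757ef73807f78b9",
    },
    "c6aafa6b32ac91908ee37207c6feb4cef74aa8e9b82e70c1e58e5691a9319c60": {
        "md5": "066232e9a5c55c8b3c7cac91de55d747",
        "sha1": "aa52f8ce282c111335b943a7c6b8191a17f99018",
        "sha256": "c6aafa6b32ac91908ee37207c6feb4cef74aa8e9b82e70c1e58e5691a9319c60",
    },
}

# Extracted C2 domains mapped to the IcedID campaign ID they were found with.
C2_DOMAINS = {
    "asiksliopakt.com": 181658900,
    "starnaddplenumsak.com": 1930527392,
}


def _digests(chunks):
    """Compute MD5, SHA-1, SHA-256 and SHA-512 in a single pass over chunks."""
    hashes = {n: hashlib.new(n) for n in ("md5", "sha1", "sha256", "sha512")}
    for chunk in chunks:
        for h in hashes.values():
            h.update(chunk)
    return {n: h.hexdigest() for n, h in hashes.items()}


def digests_of_bytes(data: bytes) -> dict:
    return _digests([data])


def file_digests(path: str) -> dict:
    with open(path, "rb") as fh:
        return _digests(iter(lambda: fh.read(1 << 20), b""))


def match_report(digests: dict) -> list:
    """Return (name, level) for each report entry the digests match.

    'strong' means the SHA-256 matches; 'weak' means only MD5 or SHA-1 does,
    which should be verified further because those algorithms are collidable.
    """
    hits = []
    for name, ref in REPORT_HASHES.items():
        if digests["sha256"] == ref["sha256"]:
            hits.append((name, "strong"))
        elif digests["md5"] == ref["md5"] or digests["sha1"] == ref["sha1"]:
            hits.append((name, "weak"))
    return hits


def c2_for(qname: str):
    """Return (c2_domain, campaign) if qname is a C2 domain or a subdomain of one."""
    name = qname.lower().rstrip(".")
    for c2, campaign in C2_DOMAINS.items():
        if name == c2 or name.endswith("." + c2):
            return c2, campaign
    return None


# Constructed log format: "<timestamp> <client_ip> query <qtype> <qname>".
_DNS_LINE = re.compile(r"^(\S+)\s+(\S+)\s+query\s+(\S+)\s+(\S+)$")

# Constructed sample log; the hostnames other than the C2s are not from the report.
SAMPLE_DNS_LOG = """\
2022-11-18T10:21:07Z 10.0.5.23 query A mail.example.com
2022-11-18T10:21:09Z 10.0.5.23 query A asiksliopakt.com
2022-11-18T10:21:12Z 10.0.5.40 query AAAA starnaddplenumsak.com.
2022-11-18T10:21:15Z 10.0.5.23 query A notasiksliopakt.com
2022-11-18T10:21:20Z 10.0.5.41 query A cdn.starnaddplenumsak.com
"""


def find_c2_in_dns_log(lines) -> list:
    """Return one dict per query that resolves a report C2 domain or subdomain."""
    hits = []
    for line in lines:
        m = _DNS_LINE.match(line.strip())
        if not m:
            continue  # skip lines that do not match the constructed format
        ts, client, qtype, qname = m.groups()
        found = c2_for(qname)
        if found:
            c2, campaign = found
            hits.append({"ts": ts, "client": client, "qtype": qtype,
                         "qname": qname, "c2": c2, "campaign": campaign})
    return hits


if __name__ == "__main__":
    for hit in find_c2_in_dns_log(SAMPLE_DNS_LOG.splitlines()):
        print(f"{hit['ts']} {hit['client']} -> {hit['qname']} "
              f"(IcedID campaign {hit['campaign']})")
    for path in sys.argv[1:]:
        matches = match_report(file_digests(path)) or [("no report match", "-")]
        for name, level in matches:
            print(f"{path}: {name} [{level}]")
```

Run it with file paths as arguments to compare each file's digests against the report; the DNS check runs over the embedded sample lines. "notasiksliopakt.com" is deliberately not matched, because the subdomain test requires a dot boundary rather than a plain substring match. SSDEEP comparison is omitted since it needs the ssdeep library rather than the standard library.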

MITRE ATT&CK Matrix

Tasks