icedid | 246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c | Triage

Submit
Reports

Overview

overview

Static

static

246259c40c...6c.exe

windows7-x64

246259c40c...6c.exe

windows10-2004-x64

Sharing

General

Target

246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c
Size

115KB
Sample

221125-kd8bladg38
MD5

84c019dfea28c684e11e4ca7c5e4ada8
SHA1

3b00b357e9a34af5e87b0fc5500e5cad0956a670
SHA256

246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c
SHA512

48a2e3ef8c9e243b59ab559646d892b3859b127c6431d74d36719dfd6a31aad8d58187b50294f2cc80cc4ffeae6ee7a10440bdb7ad90dbb652a3ba5bb92a2c33
SSDEEP

1536:T+NI10z6tSJ+VfIe1WxLEB6P5i4mm6JhwyXkK4dWrineLA5q3tyL+QHqO8UIjP6e:T+NIqJmsNdA3tyL+2kUIjyra5fl1

Score

10^/10

icedid 31930400 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c.exe

Resource

win7-20221111-en

icedid 31930400 banker loader trojan

windows7-x64

2 signatures

150 seconds

Behavioral task

behavioral2

Sample

246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c.exe

Resource

win10v2004-20221111-en

icedid 31930400 banker loader trojan

windows10-2004-x64

2 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

31930400

C2

asterioidglowo.club

greedyfopolo.best

Attributes

auth_var
1
url_path
/audio/

Targets

- Target
  
  246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c
- Size
  
  115KB
- MD5
  
  84c019dfea28c684e11e4ca7c5e4ada8
- SHA1
  
  3b00b357e9a34af5e87b0fc5500e5cad0956a670
- SHA256
  
  246259c40c82a913b446c9ed1bfe3a8866074f50f149345bf463849896e1526c
- SHA512
  
  48a2e3ef8c9e243b59ab559646d892b3859b127c6431d74d36719dfd6a31aad8d58187b50294f2cc80cc4ffeae6ee7a10440bdb7ad90dbb652a3ba5bb92a2c33
- SSDEEP
  
  1536:T+NI10z6tSJ+VfIe1WxLEB6P5i4mm6JhwyXkK4dWrineLA5q3tyL+QHqO8UIjP6e:T+NIqJmsNdA3tyL+2kUIjyra5fl1
Score

10^/10

icedid 31930400 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid31930400bankerloadertrojan

behavioral2

icedid31930400bankerloadertrojan

© 2018-2024

Terms | Privacy