icedid | 3d29a16fbc3ae7400fa96d9161defa473fcd2fd82c24929c8254824d50dead6b | Triage

Submit
Reports

Overview

overview

Static

static

Setup_Win_...09.msi

windows7-x64

Sharing

General

Target

Setup_Win_09-12-2022_19-18-09.msi
Size

824KB
Sample

221209-zwdbhahb51
MD5

0353ee6b786fc95a51d4c60d9c5486e2
SHA1

30a34141c94e3f82da655582e6dae4bf2028936c
SHA256

3d29a16fbc3ae7400fa96d9161defa473fcd2fd82c24929c8254824d50dead6b
SHA512

4db04fc840669fd7c3f65da63674cb2516f92b12c9b2f4552cbc354af7f8ff8b3f3b7336301f203ccf39775f01cb9399d99d7213ba867aa19a3b6016a8ed8baa
SSDEEP

24576:EHL0l9mTn3Tp9Lold0aID/kJAHCxWPXoPcTPbgrQlRNKIg8gx:Er0la3kd0oxWPXoPcTPbgrQlRNKIg8g

Score

10^/10

icedid 1178326404 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

Setup_Win_09-12-2022_19-18-09.msi

Resource

win7-20220812-en

icedid 1178326404 banker loader trojan

windows7-x64

11 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Campaign

1178326404

C2

broskabrwaf.com

Targets

- Target
  
  Setup_Win_09-12-2022_19-18-09.msi
- Size
  
  824KB
- MD5
  
  0353ee6b786fc95a51d4c60d9c5486e2
- SHA1
  
  30a34141c94e3f82da655582e6dae4bf2028936c
- SHA256
  
  3d29a16fbc3ae7400fa96d9161defa473fcd2fd82c24929c8254824d50dead6b
- SHA512
  
  4db04fc840669fd7c3f65da63674cb2516f92b12c9b2f4552cbc354af7f8ff8b3f3b7336301f203ccf39775f01cb9399d99d7213ba867aa19a3b6016a8ed8baa
- SSDEEP
  
  24576:EHL0l9mTn3Tp9Lold0aID/kJAHCxWPXoPcTPbgrQlRNKIg8gx:Er0la3kd0oxWPXoPcTPbgrQlRNKIg8g
Score

10^/10

icedid 1178326404 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Peripheral Device Discovery

System Information Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks

static1

behavioral1

icedid1178326404bankerloadertrojan

© 2018-2024

Terms | Privacy