icedid | 4a78df270fc9b84c19ddcd0896d7147ae0e4aad88613cd49b350dbd75f04ef25 | Triage

Submit
Reports

Overview

overview

Static

static

desktop.dll

windows7-x64

desktop.dll

windows10-2004-x64

Sharing

General

Target

desktop.ini
Size

970KB
Sample

221215-my1hlafb8w
MD5

ceff6af77b601a27ca158462b3951161
SHA1

0828a0b516ded5351bc7c8059f043901c195d4c2
SHA256

4a78df270fc9b84c19ddcd0896d7147ae0e4aad88613cd49b350dbd75f04ef25
SHA512

62720697fd8c6deb147f18681d4e6b0a95b004d05c50f981b18acb5410dd0c07bf37e27417db76a73eea64ced6adee50402caba549a8c2c3930e0ddac6123b9f
SSDEEP

12288:xfbX8ei68nEXe963zTnecHZ4ke7i2G1CnL180bn2ONRj1LEkuUkkSgXOcLUjqI9u:hb8e1e96Pef7k0bNRjpB4dPURaSh

Score

10^/10

icedid 2302411646 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

desktop.dll

Resource

win7-20220812-en

icedid 2302411646 banker loader trojan

windows7-x64

6 signatures

300 seconds

Behavioral task

behavioral2

Sample

desktop.dll

Resource

win10v2004-20221111-en

icedid 2302411646 banker loader trojan

windows10-2004-x64

6 signatures

300 seconds

Malware Config

Extracted

Family

icedid

Campaign

2302411646

C2

klepdrafooip.com

Targets

- Target
  
  desktop.ini
- Size
  
  970KB
- MD5
  
  ceff6af77b601a27ca158462b3951161
- SHA1
  
  0828a0b516ded5351bc7c8059f043901c195d4c2
- SHA256
  
  4a78df270fc9b84c19ddcd0896d7147ae0e4aad88613cd49b350dbd75f04ef25
- SHA512
  
  62720697fd8c6deb147f18681d4e6b0a95b004d05c50f981b18acb5410dd0c07bf37e27417db76a73eea64ced6adee50402caba549a8c2c3930e0ddac6123b9f
- SSDEEP
  
  12288:xfbX8ei68nEXe963zTnecHZ4ke7i2G1CnL180bn2ONRj1LEkuUkkSgXOcLUjqI9u:hb8e1e96Pef7k0bNRjpB4dPURaSh
Score

10^/10

icedid 2302411646 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2302411646bankerloadertrojan

behavioral2

icedid2302411646bankerloadertrojan

© 2018-2024

Terms | Privacy