Overview

overview

10

Static

static

tmpFB1E.dll

windows7-x64

10

tmpFB1E.dll

windows10-2004-x64

10

Resubmissions

15-12-2022 13:30

221215-qr3wxscd82 10

15-12-2022 13:30

221215-qrz52afd7w 1

05-12-2022 20:53

221205-zpaa9sfa98 3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    tmpFB1E.dll.exe

  • Size

    269KB

  • Sample

    221215-qr3wxscd82

  • MD5

    c7ca67a72a6cad3fc366e6e172539859

  • SHA1

    fd1855605f49c59a0894f7a8b848303eb099f496

  • SHA256

    c705008b6656feabe462ebb2363d6a259581cea574872cb1c6c440dbd23ad4fa

  • SHA512

    5727151a1e2680fd482fa8a882ead4242c1f96b4119f0c7672fc7a5b5d2df8a226b15dc69f6ce0f7ccfe17510f21a0af4c23ecb000bda6f29252daf724c16fbd

  • SSDEEP

    6144:MTHJ5BU2WigC+/NZy40onBQ14xdN8IcfSLZ:qDB0igC+/NHBQ1SdwSd

Score
10/10
icedid787509923bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

787509923

C2

kamintrewftor.com

Targets

    • Target

      tmpFB1E.dll.exe

    • Size

      269KB

    • MD5

      c7ca67a72a6cad3fc366e6e172539859

    • SHA1

      fd1855605f49c59a0894f7a8b848303eb099f496

    • SHA256

      c705008b6656feabe462ebb2363d6a259581cea574872cb1c6c440dbd23ad4fa

    • SHA512

      5727151a1e2680fd482fa8a882ead4242c1f96b4119f0c7672fc7a5b5d2df8a226b15dc69f6ce0f7ccfe17510f21a0af4c23ecb000bda6f29252daf724c16fbd

    • SSDEEP

      6144:MTHJ5BU2WigC+/NZy40onBQ14xdN8IcfSLZ:qDB0igC+/NHBQ1SdwSd

    Score
    10/10
    icedid787509923bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks