icedid | dc8e64794ac5e4b9b4495a936a5a001c09b86dc4774d184491fec192918146c7 | Triage

Submit
Reports

Overview

overview

Static

static

run.bat

windows7-x64

Sharing

General

Target

photoloader.zip
Size

174KB
Sample

221229-kvafwsfg9y
MD5

b108a22d350dfbbdc6a071c831dad3e5
SHA1

a0cb8912247dada560f34fcfb22dfb0d6c4785ea
SHA256

dc8e64794ac5e4b9b4495a936a5a001c09b86dc4774d184491fec192918146c7
SHA512

3f55fff091301bc9cc3971b0b05599f63fcd1e502a3336de270f0236c960d630d9ec1205ff62d34ec317f8b922d2f5eeca2119636a4b006b62958f721640773a
SSDEEP

3072:Xg1IuDce5SI3MUYe11Z7DzOIVXlVAGzjEIv7miwK34uP5QH/piKahh0OvJj:Qke4WD7/VXDIIMK3T+hEh0OR

Score

10^/10

icedid 3247066813 banker loader trojan

Static task

static1

Behavioral task

behavioral1

Sample

run.bat

Resource

win7-20220812-en

icedid 3247066813 banker loader trojan

windows7-x64

4 signatures

300 seconds

Malware Config

Extracted

Family

icedid

Campaign

3247066813

C2

whothitheka.com

Targets

- Target
  
  run.bat
- Size
  
  63B
- MD5
  
  fe6a5ce4b6aa95bd0b100c5e8c1b3c54
- SHA1
  
  165d1ed5ba9d39021de2f8c1684988b17ccb40a2
- SHA256
  
  0e83b96bef38138c9cb80ab11020dfa015791337b69953f363b9ba694a35d932
- SHA512
  
  024d66b787c51ee8a10082ac16d3c8995ed667c18e60537a84822980dd6856038a3312331229e50f81b5c90c64c8704111e6f0c800b271bb6775889602989116
Score

10^/10

icedid 3247066813 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3247066813bankerloadertrojan

© 2018-2024

Terms | Privacy