Overview

overview

10

Static

static

INV_Decemb...an.zip

windows7-x64

1

INV_Decemb...an.zip

windows10-2004-x64

10

INV_Decemb...an.iso

windows7-x64

3

INV_Decemb...an.iso

windows10-2004-x64

3

Sharing

Copy URL
Twitter E-mail

General

  • Target

    INV_December-20-29_73_scan.zip

  • Size

    164KB

  • Sample

    230109-x639kaah2w

  • MD5

    09e6c5c36e18d95fec639afb60525a81

  • SHA1

    ae5cf031845b357a3234113a5262b4a6c44c89d8

  • SHA256

    afa154d0749d64ab4e1063276d973f2b6f26352fc46e57d9e1382dd541bff862

  • SHA512

    e7d4ff559964cb375a9a1b767452d544c01bb43dce41b9a17ac6b2fb1c70e0299a63ba1824b11f0c0939581e8e0e6a3d77c693cabd6c435c2d0548d0ef8791d6

  • SSDEEP

    3072:1zpMkIkVULLjloD0tMqieNVveP3Sp+NgMOUivOmbnCtovRmOIRRJUmaw07i:pzzInDoPi4MLbn7gOiRemaw07i

Score
10/10
icedid3181355365bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

3181355365

C2

whothitheka.com

Targets

    • Target

      INV_December-20-29_73_scan.zip

    • Size

      164KB

    • MD5

      09e6c5c36e18d95fec639afb60525a81

    • SHA1

      ae5cf031845b357a3234113a5262b4a6c44c89d8

    • SHA256

      afa154d0749d64ab4e1063276d973f2b6f26352fc46e57d9e1382dd541bff862

    • SHA512

      e7d4ff559964cb375a9a1b767452d544c01bb43dce41b9a17ac6b2fb1c70e0299a63ba1824b11f0c0939581e8e0e6a3d77c693cabd6c435c2d0548d0ef8791d6

    • SSDEEP

      3072:1zpMkIkVULLjloD0tMqieNVveP3Sp+NgMOUivOmbnCtovRmOIRRJUmaw07i:pzzInDoPi4MLbn7gOiRemaw07i

    Score
    10/10
    icedid3181355365bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Blocklisted process makes network request

    behavioral1behavioral2

    • Target

      INV_December-20-29_73_scan.iso

    • Size

      1.8MB

    • MD5

      1ba34fb5c8c2e3e102d4c96654907ed1

    • SHA1

      f5ba14f7a1a8e9ddb29f19704edcab2c1bd0c8a5

    • SHA256

      1266608c782f1ea3062e5660dab27a27c6fb26b41a65248691f70dfb5dfcfeb9

    • SHA512

      c4e712cc08b02ccc1e2e4117c993e351e7bd0b7bb1f6f02983ba3062969666607cc753da1924432e31149235b90595faf4203c36709994298587d983d694402d

    • SSDEEP

      6144:UBXaa4/Vnx7cYGSriggFBFsHLnSAdOUh2RPF8L:ZpxoPcrJnS3Uh2RPF8L

    Score
    3/10
    behavioral3behavioral4

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Information Discovery

1
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks