Overview

overview

10

Static

static

IRS_form_p...ed.exe

windows7-x64

10

IRS_form_p...ed.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    IRS_form_package_deflated.exe

  • Size

    334KB

  • Sample

    230124-1kdcssfe7y

  • MD5

    b4526bf7e7a10d1ac23ad38150d22644

  • SHA1

    cca7165d0de572fb3979006875d7f9dd00944e5f

  • SHA256

    ea4d822bdaaf9eaefa74ce8eaaeeb0d747f2734ddeadf6c3737e8c6d30fb7ea5

  • SHA512

    6e033c7ce4dc2c75a8a95e6a04999188d573bab9db77ee1893336cb42f9154ba2cd212d747040f8df60fe820959f640f5b6af632d0191dd92f10371a9789701a

  • SSDEEP

    6144:/AHUFNIhsCZaNuaG8Hya5EDZObAnvx7LzKJk3Y1e5KRXmQzFtYVS:oUFUvxaZnaD7+JZCS

Score
10/10
icedid3324185820bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

3324185820

C2

druidfenixis.com

Targets

    • Target

      IRS_form_package_deflated.exe

    • Size

      334KB

    • MD5

      b4526bf7e7a10d1ac23ad38150d22644

    • SHA1

      cca7165d0de572fb3979006875d7f9dd00944e5f

    • SHA256

      ea4d822bdaaf9eaefa74ce8eaaeeb0d747f2734ddeadf6c3737e8c6d30fb7ea5

    • SHA512

      6e033c7ce4dc2c75a8a95e6a04999188d573bab9db77ee1893336cb42f9154ba2cd212d747040f8df60fe820959f640f5b6af632d0191dd92f10371a9789701a

    • SSDEEP

      6144:/AHUFNIhsCZaNuaG8Hya5EDZObAnvx7LzKJk3Y1e5KRXmQzFtYVS:oUFUvxaZnaD7+JZCS

    Score
    10/10
    icedid3324185820bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks