Analysis

  • max time kernel
    121s
  • max time network
    125s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20220812-en
  • resource tags
    arch:x64, arch:x86, image:win10v2004-20220812-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    30-01-2023 22:56

General

  • Target

    59bab4719a295a14fb9f8b6217032f6fb3e113369e6fd5db4a885027c6c08006.exe

  • Size

    13KB

  • MD5

    78d2a8c3ab9f26a62f77a33a60ccf0f5

  • SHA1

    60684cabd258229dbc0fd57dddd195ea8a8fdf4d

  • SHA256

    59bab4719a295a14fb9f8b6217032f6fb3e113369e6fd5db4a885027c6c08006

  • SHA512

    0fe30e879950dd4176c728c51c41d118a545756228c2b3097c8fba7a3a1c085f7a6c54aa117a0cc2cc58fed7335496164557ec81492d26e6127e732f1122e6ec

  • SSDEEP

    192:7KbCHpfVTIFyzPDufy2yz7ZBKUFf636yXXVXZ5PM6E6329E:7KbCHFHzmy1z1896yJA6E632

Malware Config

Extracted

  • Family
    icedid
  • Campaign
    4040403069

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

  • Suspicious behavior: EnumeratesProcesses 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\59bab4719a295a14fb9f8b6217032f6fb3e113369e6fd5db4a885027c6c08006.exe
    "C:\Users\Admin\AppData\Local\Temp\59bab4719a295a14fb9f8b6217032f6fb3e113369e6fd5db4a885027c6c08006.exe"
    • Suspicious behavior: EnumeratesProcesses
    PID:3712

Network

MITRE ATT&CK Matrix
