General

  • Target

    Setup_Win_01-02-2023_17-10-20.zip

  • Size

    921KB

  • Sample

    230201-v5z5eaba43

  • MD5

    e9f479c2af78e68b7d5c0ba7a307152e

  • SHA1

    3930a6a0b88883225099a897a1cca01bb253fe40

  • SHA256

    38b742be48b426b5c89408092fb6ebdd93eefcb584b131abd9c7e3561641c3f1

  • SHA512

    712fc3d9b004ed983599cd8cb3a898f1919e68a0ca0052acb78e6291df50584241c110da4e56264b2aaec4c3ae5ef428d7b49c4238787113d15bc4798101d3ca

  • SSDEEP

    6144:jgktMgO/XjWeZYn58USIOi1cDh5ZZ4fGA/Z1N:jPtMgOPjvYn5nncDhuxf

Malware Config

Extracted

  • Family

    icedid

  • Campaign

    133894510

  • C2

    restorahlith.com
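The C2 domain above is the indicator most likely to surface in enterprise telemetry. The following is an added example (not part of the sandbox report) that matches resolver query logs against it on label boundaries, so that the bare domain and its subdomains hit while look-alikes such as `notrestorahlith.com` or `restorahlith.com.example.net` do not. The log lines and their `timestamp client query` layout are constructed for illustration; `parse_line()` is the only piece to adapt to a real resolver format.

```python
"""Match DNS query logs against the IcedID C2 domain extracted on this page.

Added example, not part of the sandbox report. The log lines below are
constructed (not real traffic) in a simple "timestamp client query" format.
"""
from __future__ import annotations

# Network indicator from the extracted config above.
C2_DOMAINS = {"restorahlith.com"}

# Constructed sample log: one benign lookup, two true hits (one with the
# root dot and upper case, one subdomain) and two look-alikes that must not hit.
SAMPLE_LOG = """\
2023-02-01T17:12:03Z 10.0.0.15 www.microsoft.com
2023-02-01T17:12:09Z 10.0.0.15 RESTORAHLITH.COM.
2023-02-01T17:12:11Z 10.0.0.22 cdn.restorahlith.com
2023-02-01T17:12:15Z 10.0.0.22 notrestorahlith.com
2023-02-01T17:12:20Z 10.0.0.31 restorahlith.com.evil-lookalike.net
"""


def normalize(name: str) -> str:
    """Lowercase and strip the trailing root dot so 'FOO.COM.' equals 'foo.com'."""
    return name.strip().lower().rstrip(".")


def matches_indicator(query: str, indicators: set[str] = C2_DOMAINS) -> str | None:
    """Return the matched indicator if query equals it or is a subdomain of it.

    Matching on a label boundary ('.' + indicator) avoids the false positives a
    plain substring check produces on names that merely contain the indicator.
    """
    q = normalize(query)
    for ioc in indicators:
        ioc_n = normalize(ioc)
        if q == ioc_n or q.endswith("." + ioc_n):
            return ioc_n
    return None


def parse_line(line: str) -> tuple[str, str, str] | None:
    """Split one constructed log line into (timestamp, client, query)."""
    parts = line.split()
    if len(parts) != 3:
        return None
    return parts[0], parts[1], parts[2]


def scan_log(text: str) -> list[tuple[str, str, str]]:
    """Return (timestamp, client, normalized query) for every line that hits."""
    hits = []
    for line in text.splitlines():
        rec = parse_line(line)
        if rec is None:
            continue
        ts, client, query = rec
        if matches_indicator(query):
            hits.append((ts, client, normalize(query)))
    return hits


if __name__ == "__main__":
    for ts, client, query in scan_log(SAMPLE_LOG):
        print(f"{ts} {client} -> {query}")
```

Run against the constructed log, only the second and third lines are reported; the two look-alikes are rejected because the suffix comparison requires a dot immediately before the indicator.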

Targets

    • Target

      Setup_Win_01-02-2023_17-10-18.exe

    • Size

      702.6MB

    • MD5

      f5b0b4f95d3235d1ef297a32847010d9

    • SHA1

      c5d2e5669025948c470b2ae44982703e9f8f2f1b

    • SHA256

      343a8f0a3e09c676b86d983844887f871c0940e911a6d2e95ff54cd9d90fe5db

    • SHA512

      bb3ef5f467196a8dc01877153cd753ecf7744f5e44353d31842efb568660eacfffb052a9cbfa886618bc287e7f61c20644e1279ad493163711ce210b0668a4f6

    • SSDEEP

      12288:o41EwgLoMgUh2W2kRSkWzgVz6iW8fPmniuwiC:XEwgL/gUEW2kRSkWzgVz6l0+iuwF

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a modular banking trojan that steals credentials and is widely used as a loader for follow-on payloads.
