Overview

overview

10

Static

static

1

Docs_Inv_A...50.exe

windows7-x64

10

Docs_Inv_A...50.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    Docs_Inv_April_11_450.exe

  • Size

    128KB

  • Sample

    230412-fvvdvaaa94

  • MD5

    2f4f205baba0b637386e781057c2163d

  • SHA1

    704b84d525eefca6fa7eeb1cf0c94f861310c224

  • SHA256

    52d3dd78d3f1a14e18d0689ed8c5b43372f9e76401ef1ff68522575e6251d2cf

  • SHA512

    4086ad7ee73fd211dc5a4fcaeab826b9386c6d2ad8b3467f4273dda7e79826840723266d0665e9db9b1e1778b961404de5d2a2faae66f0592a3a235820f3bef9

  • SSDEEP

    3072:D4Mrq59cNGzs1YNgG4kj4va2UiPJIx/V:MRuGzYIKax

Score
10/10
icedid1401071739bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1401071739

C2

shoterqana.com

Targets

    • Target

      Docs_Inv_April_11_450.exe

    • Size

      128KB

    • MD5

      2f4f205baba0b637386e781057c2163d

    • SHA1

      704b84d525eefca6fa7eeb1cf0c94f861310c224

    • SHA256

      52d3dd78d3f1a14e18d0689ed8c5b43372f9e76401ef1ff68522575e6251d2cf

    • SHA512

      4086ad7ee73fd211dc5a4fcaeab826b9386c6d2ad8b3467f4273dda7e79826840723266d0665e9db9b1e1778b961404de5d2a2faae66f0592a3a235820f3bef9

    • SSDEEP

      3072:D4Mrq59cNGzs1YNgG4kj4va2UiPJIx/V:MRuGzYIKax

    Score
    10/10
    icedid1401071739bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks