icedid | e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af | Triage

Submit
Reports

Overview

overview

Static

static

2023-04-27...op.exe

windows7-x64

2023-04-27...op.exe

windows10-2004-x64

Sharing

General

Target

2023-04-27_1ac394ddbf23133627ffd200704a247e_icedid_satan_teardrop.exe.bin
Size

5.0MB
Sample

230430-24ekmsaa61
MD5

1ac394ddbf23133627ffd200704a247e
SHA1

bc1c8ad6d75714352fe7665e8ea18df883b79f78
SHA256

e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af
SHA512

2b9ea36eb2114dd83ab34615a31a2fbc2d9fe62c3e09ce820273ec719945cef28db0376c635a0c682dd16fea273cbad544deb32a1da88f6661595d0b97b68902
SSDEEP

49152:NtErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:NtEbfa1xNL2g3mrEB/

Score

10^/10

icedid matiex teardrop backdoor banker dropper keylogger loader miner stealer trojan

Static task

static1

miner dropper backdoor loader matiex teardrop icedid

6 signatures

Behavioral task

behavioral1

Sample

2023-04-27_1ac394ddbf23133627ffd200704a247e_icedid_satan_teardrop.exe

Resource

win7-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-04-27_1ac394ddbf23133627ffd200704a247e_icedid_satan_teardrop.exe

Resource

win10v2004-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Targets

- Target
  
  2023-04-27_1ac394ddbf23133627ffd200704a247e_icedid_satan_teardrop.exe.bin
- Size
  
  5.0MB
- MD5
  
  1ac394ddbf23133627ffd200704a247e
- SHA1
  
  bc1c8ad6d75714352fe7665e8ea18df883b79f78
- SHA256
  
  e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af
- SHA512
  
  2b9ea36eb2114dd83ab34615a31a2fbc2d9fe62c3e09ce820273ec719945cef28db0376c635a0c682dd16fea273cbad544deb32a1da88f6661595d0b97b68902
- SSDEEP
  
  49152:NtErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:NtEbfa1xNL2g3mrEB/
Score

10^/10

icedid matiex banker keylogger loader miner stealer trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main payload
- Detectes Phoenix Miner Payload
  miner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerdropperbackdoorloadermatiexteardropicedid

behavioral1

icedidmatiexbankerkeyloggerloaderminerstealertrojan

behavioral2

icedidmatiexbankerkeyloggerloaderminerstealertrojan

© 2018-2024

Terms | Privacy