Overview

overview

10

Static

static

3

2023-04-29...id.exe

windows7-x64

10

2023-04-29...id.exe

windows10-2004-x64

10

Resubmissions

04-05-2023 16:20

230504-ttcz3adf84 10

30-04-2023 04:09

230430-eq62eahc81 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2023-04-29_60213cbad7e507c49ca664f4e78d19d1_icedid

  • Size

    543KB

  • Sample

    230504-ttcz3adf84

  • MD5

    60213cbad7e507c49ca664f4e78d19d1

  • SHA1

    64497519d87d7a13c6c976155e23c13168586995

  • SHA256

    c59d217790d5c49529a696e361981e95225b36d457e77ea3bb0776e6c1e39442

  • SHA512

    8b8ff11db4c4b63cfef481d5b8c196062214f74622edd7e9c1f6cb22f6328c7995cae5aadf7b4e1c2deb368efc1951e934b719d953b1e9167a98aeca2a40bbf2

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYC0am43OkynJ/yLz:ZXQUIsQpMsequrmGCQ43OPqv

Score
10/10
trickbotbankertrojan

Malware Config

Targets

    • Target

      2023-04-29_60213cbad7e507c49ca664f4e78d19d1_icedid

    • Size

      543KB

    • MD5

      60213cbad7e507c49ca664f4e78d19d1

    • SHA1

      64497519d87d7a13c6c976155e23c13168586995

    • SHA256

      c59d217790d5c49529a696e361981e95225b36d457e77ea3bb0776e6c1e39442

    • SHA512

      8b8ff11db4c4b63cfef481d5b8c196062214f74622edd7e9c1f6cb22f6328c7995cae5aadf7b4e1c2deb368efc1951e934b719d953b1e9167a98aeca2a40bbf2

    • SSDEEP

      12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYC0am43OkynJ/yLz:ZXQUIsQpMsequrmGCQ43OPqv

    Score
    10/10
    trickbotbankertrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

2
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks