icedid | daed196b1b2af0ae801a06dd6e452f90f4163d53d261548064ffd57843a70ef9 | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

20230501db...op.exe

windows7-x64

20230501db...op.exe

windows10-2004-x64

Sharing

General

Target

20230501db86067871fee95abb1e3abef8c35b54icedidsatanteardrop
Size

5.0MB
Sample

230505-wtzvyacb84
MD5

db86067871fee95abb1e3abef8c35b54
SHA1

c5e3d6e75ae08da7cd9dfcf14d68dfc9bfe180b7
SHA256

daed196b1b2af0ae801a06dd6e452f90f4163d53d261548064ffd57843a70ef9
SHA512

3b399d148e70b02be37fd20c3efe1d5e4f65e2dce479d69abb53a7b9513f90f333ced5c74fb69b944cdd97d544bfb3ad596945db9d8857026d793b6e0714cca9
SSDEEP

49152:5tErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:5tEbfa1xNL2g3mrEB/

Score

10^/10

icedid matiex teardrop backdoor banker dropper keylogger loader miner stealer trojan

Static task

static1

miner dropper backdoor loader matiex teardrop icedid

6 signatures

Behavioral task

behavioral1

Sample

20230501db86067871fee95abb1e3abef8c35b54icedidsatanteardrop.exe

Resource

win7-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

20230501db86067871fee95abb1e3abef8c35b54icedidsatanteardrop.exe

Resource

win10v2004-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Targets

- Target
  
  20230501db86067871fee95abb1e3abef8c35b54icedidsatanteardrop
- Size
  
  5.0MB
- MD5
  
  db86067871fee95abb1e3abef8c35b54
- SHA1
  
  c5e3d6e75ae08da7cd9dfcf14d68dfc9bfe180b7
- SHA256
  
  daed196b1b2af0ae801a06dd6e452f90f4163d53d261548064ffd57843a70ef9
- SHA512
  
  3b399d148e70b02be37fd20c3efe1d5e4f65e2dce479d69abb53a7b9513f90f333ced5c74fb69b944cdd97d544bfb3ad596945db9d8857026d793b6e0714cca9
- SSDEEP
  
  49152:5tErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:5tEbfa1xNL2g3mrEB/
Score

10^/10

icedid matiex banker keylogger loader miner stealer trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main payload
- Detectes Phoenix Miner Payload
  miner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerdropperbackdoorloadermatiexteardropicedid

behavioral1

icedidmatiexbankerkeyloggerloaderminerstealertrojan

behavioral2

icedidmatiexbankerkeyloggerloaderminerstealertrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.