icedid | e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af | Triage

Submit
Reports

Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

Static

static

202304271a...op.exe

windows7-x64

202304271a...op.exe

windows10-2004-x64

Sharing

General

Target

202304271ac394ddbf23133627ffd200704a247eicedidsatanteardrop.exe
Size

5.0MB
Sample

230506-313zhaad55
MD5

1ac394ddbf23133627ffd200704a247e
SHA1

bc1c8ad6d75714352fe7665e8ea18df883b79f78
SHA256

e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af
SHA512

2b9ea36eb2114dd83ab34615a31a2fbc2d9fe62c3e09ce820273ec719945cef28db0376c635a0c682dd16fea273cbad544deb32a1da88f6661595d0b97b68902
SSDEEP

49152:NtErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:NtEbfa1xNL2g3mrEB/

Score

10^/10

icedid matiex teardrop backdoor banker dropper keylogger loader miner stealer trojan

Static task

static1

miner dropper backdoor loader matiex teardrop icedid

6 signatures

Behavioral task

behavioral1

Sample

202304271ac394ddbf23133627ffd200704a247eicedidsatanteardrop.exe

Resource

win7-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows7-x64

6 signatures

150 seconds

Behavioral task

behavioral2

Sample

202304271ac394ddbf23133627ffd200704a247eicedidsatanteardrop.exe

Resource

win10v2004-20230220-en

icedid matiex banker keylogger loader miner stealer trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Targets

- Target
  
  202304271ac394ddbf23133627ffd200704a247eicedidsatanteardrop.exe
- Size
  
  5.0MB
- MD5
  
  1ac394ddbf23133627ffd200704a247e
- SHA1
  
  bc1c8ad6d75714352fe7665e8ea18df883b79f78
- SHA256
  
  e597b161cf2d643c4e579ef238ca111d23efd5d8a832f1be0fd8b0dae78ec0af
- SHA512
  
  2b9ea36eb2114dd83ab34615a31a2fbc2d9fe62c3e09ce820273ec719945cef28db0376c635a0c682dd16fea273cbad544deb32a1da88f6661595d0b97b68902
- SSDEEP
  
  49152:NtErfhsOSMa1xYus4Q2D2TgG6hN3gSVsmqoyeBe4:NtEbfa1xNL2g3mrEB/
Score

10^/10

icedid matiex banker keylogger loader miner stealer trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Matiex
  Matiex is a keylogger and infostealer first seen in July 2020.
  stealer keylogger matiex
- Matiex Main payload
- Detectes Phoenix Miner Payload
  miner
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

minerdropperbackdoorloadermatiexteardropicedid

behavioral1

icedidmatiexbankerkeyloggerloaderminerstealertrojan

behavioral2

icedidmatiexbankerkeyloggerloaderminerstealertrojan

© 2018-2025

Terms | Privacy

We care about your privacy.

This website stores cookies on your computer. These cookies are used to improve your website experience and provide more personalized services to you, both on this website and through other media. To find out more about the cookies we use, see our Privacy Policy.