icedid | fcb53d1ce11ea3ccefc9c7efd21d4d29c59dad797536b5a14feb7c85562c1f66

Analysis

max time kernel
150s
max time network
121s
platform
windows7_x64
resource
win7-20230712-en
resource tags

arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
submitted
14/07/2023, 07:25

Target

Inv_LCC_Scan_2.exe
Size

887KB
MD5

9d526a12a1dd2520282bd306e9805559
SHA1

e20c5aadf2feb0fc7766cdb10d1f1589ad9da70d
SHA256

fcb53d1ce11ea3ccefc9c7efd21d4d29c59dad797536b5a14feb7c85562c1f66
SHA512

4bd4c33729bcfd87fc88d1ca31cf77b399fb0498237b2ffe256dbdc07c5d22d564f4f159929031598fe7ae989df6650791a11ff8fd40b9bdaa2dea9104e53199
SSDEEP

12288:UkL4qoZZuHgIr0tzzOLXgl7enMBEUbJzicZLHUa9Oxx7PXzpIvdTJAOb8JCgvX0d:fL4NuDZUbJzioO8Jpzg2

Score

10^/10

Family

icedid

Campaign

2704445589

skofilldrom.com

IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
trojan banker icedid

Suspicious behavior: EnumeratesProcesses 2 IoCs

pid	Process
2468	Inv_LCC_Scan_2.exe
2468	Inv_LCC_Scan_2.exe

C:\Users\Admin\AppData\Local\Temp\Inv_LCC_Scan_2.exe
"C:\Users\Admin\AppData\Local\Temp\Inv_LCC_Scan_2.exe"
1⤵
- Suspicious behavior: EnumeratesProcesses
PID:2468

memory/2468-54-0x0000000000020000-0x0000000000028000-memory.dmp

Filesize
32KB

Download
memory/2468-55-0x0000000000210000-0x000000000026B000-memory.dmp

Filesize
364KB

Download