icedid | dbc6bcb6fe6fff440ea3cb7b6402e9b9d94759ae28d49357cb3fa1d2c6b8c96b | Triage

Submit
Reports

Overview

overview

Static

static

3

wer.dll

windows10-2004-x64

Sharing

General

Target

wer.dll
Size

192KB
Sample

230807-t8hh4ahg4w
MD5

48162373159e9373359488951f8da4f8
SHA1

ecd7ee9c5cf8694c50090267f9f6fc1701c7116a
SHA256

dbc6bcb6fe6fff440ea3cb7b6402e9b9d94759ae28d49357cb3fa1d2c6b8c96b
SHA512

1d75ddb11ce32498cd3c4c56392d0cafbaec5013cf0833824a3008223c0c6919de403f70115ff120501f63a51e4f916afc40a5c6caee6895f4e04c4ee778188b
SSDEEP

6144:0ARPb4RJ5LZqD1V8uQLkRlh0Q8c31lpGlfEi1Absc:DyRJqDYuKMlpCMi1Absc

Score

10^/10

icedid 1818453732 Photoloader banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

wer.dll

Resource

win10v2004-20230703-it

icedid 1818453732 Photoloader banker loader trojan

windows10-2004-x64

4 signatures

600 seconds

Malware Config

Extracted

Family

icedid

Campaign

1818453732

C2

skamusdeadin.com

Targets

- Target
  
  wer.dll
- Size
  
  192KB
- MD5
  
  48162373159e9373359488951f8da4f8
- SHA1
  
  ecd7ee9c5cf8694c50090267f9f6fc1701c7116a
- SHA256
  
  dbc6bcb6fe6fff440ea3cb7b6402e9b9d94759ae28d49357cb3fa1d2c6b8c96b
- SHA512
  
  1d75ddb11ce32498cd3c4c56392d0cafbaec5013cf0833824a3008223c0c6919de403f70115ff120501f63a51e4f916afc40a5c6caee6895f4e04c4ee778188b
- SSDEEP
  
  6144:0ARPb4RJ5LZqD1V8uQLkRlh0Q8c31lpGlfEi1Absc:DyRJqDYuKMlpCMi1Absc
Score

10^/10

icedid 1818453732 Photoloader banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- PhotoLoader Payload
  IcedID downloder-Photloader.
  Photoloader
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1818453732Photoloaderbankerloadertrojan

© 2018-2025

Terms | Privacy