Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
General
-
Target
fd685d5811578ac189ffc6802615e11c86424765cc231a024e97c03c99f37947_JC.js
-
Size
34KB
-
Sample
230901-vb2fdage36
-
MD5
d38a35de750d0d8628cb073a9a0ad8b2
-
SHA1
b98af1c8fe2a75060fa25a7eee20c32518271822
-
SHA256
fd685d5811578ac189ffc6802615e11c86424765cc231a024e97c03c99f37947
-
SHA512
b7348f060b646efd8e7501ce7a411346b7de95a715b7a1d2294df32c2b4ed425262ef0102af2d72c5f3d0f5f8db2f0feede4f5885a2fa6d48f9c2c9b40cde247
-
SSDEEP
768:RwRahuDvIhINs1sCT7A797k7a7a7Q7u7F7r7e7I7B7C7D7N7y7o727B7of7y7M76:RwRahBhIN3CTMJ4W+cC5fS0VWnJWk6l5
Malware Config
Extracted
icedid
4240553492
oopscokir.com
Targets
-
-
Target
fd685d5811578ac189ffc6802615e11c86424765cc231a024e97c03c99f37947_JC.js
-
Size
34KB
-
MD5
d38a35de750d0d8628cb073a9a0ad8b2
-
SHA1
b98af1c8fe2a75060fa25a7eee20c32518271822
-
SHA256
fd685d5811578ac189ffc6802615e11c86424765cc231a024e97c03c99f37947
-
SHA512
b7348f060b646efd8e7501ce7a411346b7de95a715b7a1d2294df32c2b4ed425262ef0102af2d72c5f3d0f5f8db2f0feede4f5885a2fa6d48f9c2c9b40cde247
-
SSDEEP
768:RwRahuDvIhINs1sCT7A797k7a7a7Q7u7F7r7e7I7B7C7D7N7y7o727B7of7y7M76:RwRahBhIN3CTMJ4W+cC5fS0VWnJWk6l5
Score10/10-
IcedID, BokBot
IcedID is a banking trojan capable of stealing credentials.
-
Downloads MZ/PE file
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Deletes itself
-
Loads dropped DLL
-