icedid | df82ab215bf51e8ed504344bb7d2b1c50866177d07fa726cc10b1a484d6658e5 | Triage

Submit
Reports

Overview

overview

Static

static

1

Document[2..._1.vbs

windows7-x64

Document[2..._1.vbs

windows10-2004-x64

Sharing

Copy URL Twitter E-mail

General

Target

Document[2023.10.11_08-07]_1.vbs
Size

1012KB
Sample

231011-3scgksec32
MD5

46f350ec9ce87d9023042f97b29b91b9
SHA1

676df45e5ad9000c6a6701ef27c35d0693a09132
SHA256

df82ab215bf51e8ed504344bb7d2b1c50866177d07fa726cc10b1a484d6658e5
SHA512

5237681e28dd5207c09ef17649363e0d0f6ab3d87066a51ff42552967a3317bf2c05cd39bfcc50a7cf5e7e99a82c95a7e8c944a05b84c838c7decbfc9b269b30
SSDEEP

6144:H6kjN7KwEdQ5Q7llO99mZzMNLrM7Dir6DpgFMMjbwgXvuWlac89xwdjZEziC/von:/CGsyXCpoMMXs3s5ZImsQapwf

Score

10^/10

icedid 361893872 banker trojan

Static task

static1

Behavioral task

behavioral1

Sample

Document[2023.10.11_08-07]_1.vbs

Resource

win7-20230831-en

icedid 361893872 banker trojan

windows7-x64

7 signatures

150 seconds

Behavioral task

behavioral2

Sample

Document[2023.10.11_08-07]_1.vbs

Resource

win10v2004-20230915-en

icedid 361893872 banker trojan

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Campaign

361893872

Targets

- Target
  
  Document[2023.10.11_08-07]_1.vbs
- Size
  
  1012KB
- MD5
  
  46f350ec9ce87d9023042f97b29b91b9
- SHA1
  
  676df45e5ad9000c6a6701ef27c35d0693a09132
- SHA256
  
  df82ab215bf51e8ed504344bb7d2b1c50866177d07fa726cc10b1a484d6658e5
- SHA512
  
  5237681e28dd5207c09ef17649363e0d0f6ab3d87066a51ff42552967a3317bf2c05cd39bfcc50a7cf5e7e99a82c95a7e8c944a05b84c838c7decbfc9b269b30
- SSDEEP
  
  6144:H6kjN7KwEdQ5Q7llO99mZzMNLrM7Dir6DpgFMMjbwgXvuWlac89xwdjZEziC/von:/CGsyXCpoMMXs3s5ZImsQapwf
Score

10^/10

icedid 361893872 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Blocklisted process makes network request
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid361893872bankertrojan

behavioral2

icedid361893872bankertrojan

© 2018-2025

Terms | Privacy