Overview

overview

10

Static

static

3

86bbd41505...04.exe

windows7-x64

10

86bbd41505...04.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    86bbd415051b2674b328203dd1a9b004

  • Size

    125KB

  • Sample

    240201-m569qadegl

  • MD5

    86bbd415051b2674b328203dd1a9b004

  • SHA1

    423d245483b8d45ca3a31e50abc3a94a04e2554b

  • SHA256

    de20ea323222ac331900592127038347f667738030503f924f83aa14d028a09c

  • SHA512

    cc2a64e7b505bb4824be2bdb3a528f39f2dfd5dba7038befbf56cefdfffacdd3827d65cd4917617936ef15cbe98e5c2dbb27deed076f3abad0bda80f6f96bf9e

  • SSDEEP

    1536:yWL3c+YD8f742wqwkhG5RC09wunkoYqlWziAJ3CIIq4sv5fsWGdI9dlqYnp:l3c+Yoz0qw2gRhH1YqlWf3CEVvoYsYp

Score
10/10
icedid3106269321bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

3106269321

C2

slimworkslose.top

Targets

    • Target

      86bbd415051b2674b328203dd1a9b004

    • Size

      125KB

    • MD5

      86bbd415051b2674b328203dd1a9b004

    • SHA1

      423d245483b8d45ca3a31e50abc3a94a04e2554b

    • SHA256

      de20ea323222ac331900592127038347f667738030503f924f83aa14d028a09c

    • SHA512

      cc2a64e7b505bb4824be2bdb3a528f39f2dfd5dba7038befbf56cefdfffacdd3827d65cd4917617936ef15cbe98e5c2dbb27deed076f3abad0bda80f6f96bf9e

    • SSDEEP

      1536:yWL3c+YD8f742wqwkhG5RC09wunkoYqlWziAJ3CIIq4sv5fsWGdI9dlqYnp:l3c+Yoz0qw2gRhH1YqlWf3CEVvoYsYp

    Score
    10/10
    icedid3106269321bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks