General

  • Target

    2024-02-05_05946fed20c76ef4a18994260f8c3e78_icedid

  • Size

    520KB

  • Sample

    240205-tvalbsbhg2

  • MD5

    05946fed20c76ef4a18994260f8c3e78

  • SHA1

    e9941275353f10e05055b84bef39cf77a1d80ffc

  • SHA256

    108f5642971ddcf50326eb9aca48d48a306482bb987a9fc69d2d5a94070dd6f6

  • SHA512

    d7119cd0bc805e8cebfaa07a7ae8475899cbc71f66147f2f5bfdde289e1f51b92c4833a1c7cb3309513241db967afb157268eabd667eebd9360ae074353bc07e

  • SSDEEP

    6144:ipUUVdwEO5ZEAKyt0RBDVqijl0O02z0wz+StGJuQqeDxOMmXQZPPQNxn2nP:lUVdwEUSAKytqjlVYxSAvtXuQZMp

Score
10/10

Targets

    • Target

      2024-02-05_05946fed20c76ef4a18994260f8c3e78_icedid

    Score
    10/10
    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL
