icedid | 85c3ee997c72d8288a509b2edafa44ab9e31c3f33686a42357cd76f13b7a3827 | Triage

Submit
Reports

Overview

overview

Static

static

3

9b81f0dba9...05.exe

windows7-x64

9b81f0dba9...05.exe

windows10-2004-x64

Sharing

General

Target

9b81f0dba941e4134d86beb41c334005
Size

40KB
Sample

240214-m7e81sge8s
MD5

9b81f0dba941e4134d86beb41c334005
SHA1

f81b018fc2dd86a7b8a7a70fc045f90fe74dc411
SHA256

85c3ee997c72d8288a509b2edafa44ab9e31c3f33686a42357cd76f13b7a3827
SHA512

9f99cad312b903eaba171ebe1aa574eb776c381e88b1978b827634d0d5d48e01176c7ac0e3712720d22ca091535a089cebcf5e94e7e7b9eb9287202e0ba3b9db
SSDEEP

384:B0J3IQGFT2Mout2ISWLQD1OyqavzWv3EyEcz/CYNdeGqgo/P/0rOBupo+TZ51eC+:6VInFPdPGOyq73EyMlW5D1I

Score

10^/10

icedid banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

9b81f0dba941e4134d86beb41c334005.exe

Resource

win7-20231215-en

icedid banker loader trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

9b81f0dba941e4134d86beb41c334005.exe

Resource

win10v2004-20231215-en

icedid banker loader trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

lokolojazz.club

Targets

- Target
  
  9b81f0dba941e4134d86beb41c334005
- Size
  
  40KB
- MD5
  
  9b81f0dba941e4134d86beb41c334005
- SHA1
  
  f81b018fc2dd86a7b8a7a70fc045f90fe74dc411
- SHA256
  
  85c3ee997c72d8288a509b2edafa44ab9e31c3f33686a42357cd76f13b7a3827
- SHA512
  
  9f99cad312b903eaba171ebe1aa574eb776c381e88b1978b827634d0d5d48e01176c7ac0e3712720d22ca091535a089cebcf5e94e7e7b9eb9287202e0ba3b9db
- SSDEEP
  
  384:B0J3IQGFT2Mout2ISWLQD1OyqavzWv3EyEcz/CYNdeGqgo/P/0rOBupo+TZ51eC+:6VInFPdPGOyq73EyMlW5D1I
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy