icedid | 63692f8532a6b1c1e78c51d96842e7c90a841a9afe76c9d71beb2ca5bfc0bfa5 | Triage

Submit
Reports

Overview

overview

Static

static

3

abe866ba9e...03.exe

windows7-x64

abe866ba9e...03.exe

windows10-2004-x64

Sharing

General

Target

d8971f46f2e0808213ea577dc9978e94
Size

135KB
Sample

240320-mnlxfsef69
MD5

d8971f46f2e0808213ea577dc9978e94
SHA1

41d3c21ac604d42793e0a1a97d15aa519463d74a
SHA256

63692f8532a6b1c1e78c51d96842e7c90a841a9afe76c9d71beb2ca5bfc0bfa5
SHA512

52351c0d167f87f1fa1048bd94b02b57e5357a0a1695304393de7bba62a0b919d840a5c09a19a6b083116330fabb0e8ae9f5c53a5f827954f63b168d3d691f17
SSDEEP

3072:i1UcQjSCbuBW50LDp6RMKy6X6BQ447bH4izT0/uRjRJH:E63bV50LsY6K874IFnH

Score

10^/10

icedid 3169317434 banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

abe866ba9e8a9956a64ef4bc48ace783daa30d51b86fa60adfbb6d8fa044c503.exe

Resource

win7-20240215-en

icedid 3169317434 banker loader trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

abe866ba9e8a9956a64ef4bc48ace783daa30d51b86fa60adfbb6d8fa044c503.exe

Resource

win10v2004-20240226-en

icedid 3169317434 banker loader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Extracted

Family

icedid

Botnet

3169317434

C2

kodjakskoda.club

financesromma.club

slobrewelo.pw

nifrittilo.pw

Attributes

auth_var
4
url_path
/audio/

Targets

- Target
  
  abe866ba9e8a9956a64ef4bc48ace783daa30d51b86fa60adfbb6d8fa044c503
- Size
  
  240KB
- MD5
  
  3fbcd911c5616182a5ced7f40fdfa28f
- SHA1
  
  690e6e312df91174f1d13dce26c48abab7d74c96
- SHA256
  
  abe866ba9e8a9956a64ef4bc48ace783daa30d51b86fa60adfbb6d8fa044c503
- SHA512
  
  7dfd43197a4dc3770fb09d8979c3edb394cff72e0c4854ca1a2f98c05ae00e85854469c66327eb71facbf0099bec1a8880e041105c2ab455c0d1aec2541b1d0a
- SSDEEP
  
  3072:DiqtOMuSsObf0BJ9Ao3B1I8J9RMOy5uY1dbrwubD9a4ojnzHypsdmDrzyf/Ea:DdDGObsuoR1I29RM3uHyydmD3I
Score

10^/10

icedid 3169317434 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

Install Root Certificate

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

icedid3169317434bankerloadertrojan

behavioral2

icedid3169317434bankerloadertrojan

© 2018-2024

Terms | Privacy