Overview

overview

10

Static

static

3

icedid_loader.dll

windows10-2004-x64

10

Resubmissions

04-04-2024 22:53

240404-2txy8scf2z 10

04-04-2024 22:48

240404-2rkwwsce4t 3

04-04-2024 13:49

240404-q45laahe2y 10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    icedid_loader.dll

  • Size

    192KB

  • Sample

    240404-q45laahe2y

  • MD5

    6779daf60f7aa4bc357b264f32ff6cde

  • SHA1

    1c6e76af95f2a17b8e518965d62b3c9d7ecba6d5

  • SHA256

    e1d2c95eda751901a4bdae7ba381b85f5d7965b05afe245b5cbaccce9ecfb0bc

  • SHA512

    7829bf03bcf5b79703a1ba35ca9ba785e879ab6bfb141f00436d043986511819625194cadf0d516128075e10b8d94c845d31965048f0679fdd236a72f34c215f

  • SSDEEP

    6144:oZU+Q0/Xns9tMYN1fPdqTBNPenpNgpiF69:oS+Q289tMq1oPenPgpiF69

Score
10/10
icedid4165079571bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

4165079571

C2

podiumstrtss.com

Targets

    • Target

      icedid_loader.dll

    • Size

      192KB

    • MD5

      6779daf60f7aa4bc357b264f32ff6cde

    • SHA1

      1c6e76af95f2a17b8e518965d62b3c9d7ecba6d5

    • SHA256

      e1d2c95eda751901a4bdae7ba381b85f5d7965b05afe245b5cbaccce9ecfb0bc

    • SHA512

      7829bf03bcf5b79703a1ba35ca9ba785e879ab6bfb141f00436d043986511819625194cadf0d516128075e10b8d94c845d31965048f0679fdd236a72f34c215f

    • SSDEEP

      6144:oZU+Q0/Xns9tMYN1fPdqTBNPenpNgpiF69:oS+Q289tMq1oPenPgpiF69

    Score
    10/10
    icedid4165079571bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • This rule detects samples from the IcedID family unpacked in memory, identifying code reuse of new config decryption function.

      This rule detects samples from the IcedID family unpacked in memory, identifying code reuse of new config decryption function.

    behavioral1

MITRE ATT&CK Matrix

Tasks