icedid | c0a78a67fb141f8c7bc36568849bc848d7e7ad823d40c9910ae3247e610b8fc3 | Triage

Submit
Reports

Overview

overview

Static

static

3

3003.dll

windows7-x64

3003.dll

windows10-2004-x64

Sharing

General

Target

3003.exe
Size

78KB
Sample

240405-ryptbafa82
MD5

964a0015332ec2cc13ab12b8d85f29ff
SHA1

cab978169550d6dcb108d1cbb379fa6ca4e6436e
SHA256

c0a78a67fb141f8c7bc36568849bc848d7e7ad823d40c9910ae3247e610b8fc3
SHA512

6e6d81bed1884ddf16922d06b2c0e8b51c9dac2c986d3c88c0e5de2e75d25a28ec6d3551d406bed4e59229623fec895a1c7e3255f66315938f803d0319ec5014
SSDEEP

768:RHppffnqCuZgKEq2OqmBhw9+eyA/Dj74zZ/mgxH7Wgagg1nXFJBMq/umJUZp:NDqvHEbsBneyAbniZPWznfBL/nM

Score

10^/10

icedid 3717128962 banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

3003.dll

Resource

win7-20240221-en

icedid 3717128962 banker loader trojan

windows7-x64

3 signatures

150 seconds

Behavioral task

behavioral2

Sample

3003.dll

Resource

win10v2004-20240319-en

icedid 3717128962 banker loader trojan

windows10-2004-x64

3 signatures

150 seconds

Malware Config

Extracted

Family

icedid

Campaign

3717128962

C2

usaaforced.fun

Targets

- Target
  
  3003.exe
- Size
  
  78KB
- MD5
  
  964a0015332ec2cc13ab12b8d85f29ff
- SHA1
  
  cab978169550d6dcb108d1cbb379fa6ca4e6436e
- SHA256
  
  c0a78a67fb141f8c7bc36568849bc848d7e7ad823d40c9910ae3247e610b8fc3
- SHA512
  
  6e6d81bed1884ddf16922d06b2c0e8b51c9dac2c986d3c88c0e5de2e75d25a28ec6d3551d406bed4e59229623fec895a1c7e3255f66315938f803d0319ec5014
- SSDEEP
  
  768:RHppffnqCuZgKEq2OqmBhw9+eyA/Dj74zZ/mgxH7Wgagg1nXFJBMq/umJUZp:NDqvHEbsBneyAbniZPWznfBL/nM
Score

10^/10

icedid 3717128962 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3717128962bankerloadertrojan

behavioral2

icedid3717128962bankerloadertrojan

© 2018-2024

Terms | Privacy