Overview

overview

10

Static

static

3

2b9cba4329...3b.exe

windows7-x64

10

2b9cba4329...3b.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b

  • Size

    169KB

  • Sample

    240410-l4p4dabg52

  • MD5

    81fc38de5b6197c4db58eb506037e7cb

  • SHA1

    c2258ab3204e6061d548df202c99aa361242d848

  • SHA256

    2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b

  • SHA512

    4c96e9104e55454e741a13be34a7c5a3afb8d0d17c1924d629acbd487975d88d4435fd46b34649defe2d047ff4c84e06c4a0d0176085c7b5ab4d80eed18b0d9a

  • SSDEEP

    3072:PcP8DY7QvQMXI/zCMAo14+X0cmPfGMdC+htVenbE:0rISTEZRCG6nbE

Score
10/10
icedid1875681804bankerloadertrojan

Malware Config

Extracted

Family

icedid

Campaign

1875681804

C2

enticationmetho.ink

Targets

    • Target

      2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b

    • Size

      169KB

    • MD5

      81fc38de5b6197c4db58eb506037e7cb

    • SHA1

      c2258ab3204e6061d548df202c99aa361242d848

    • SHA256

      2b9cba43290c9d4cc2d6a47432ddac5752c63e5ac519c2056ba466580424ed3b

    • SHA512

      4c96e9104e55454e741a13be34a7c5a3afb8d0d17c1924d629acbd487975d88d4435fd46b34649defe2d047ff4c84e06c4a0d0176085c7b5ab4d80eed18b0d9a

    • SSDEEP

      3072:PcP8DY7QvQMXI/zCMAo14+X0cmPfGMdC+htVenbE:0rISTEZRCG6nbE

    Score
    10/10
    icedid1875681804bankerloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Subvert Trust Controls

1
T1553

Install Root Certificate

1
T1553.004

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks