icedid | ad91cc0f5f38735a2a88df59382b93919a0f3112cae592f4a0477e20ef414469 | Triage

Submit
Reports

Overview

overview

Static

static

3

2c59a019fc...18.dll

windows7-x64

2c59a019fc...18.dll

windows10-2004-x64

Sharing

General

Target

2c59a019fc71eaa1c00220cb7a19bfde_JaffaCakes118
Size

214KB
Sample

240510-abzasseg7w
MD5

2c59a019fc71eaa1c00220cb7a19bfde
SHA1

870082e0c3a2a9a06ef9dce655f500d02ed0790c
SHA256

ad91cc0f5f38735a2a88df59382b93919a0f3112cae592f4a0477e20ef414469
SHA512

aeb2dba7cc52356eba30fd146bfe6ffe370b23f293913bd1fdf430aa0d8ec1cb4f289c06e2d6399a7ba7eb9eaa2142b8b5cbcdff1458719086097329d8ff002d
SSDEEP

6144:54+U6OuUhTIXJnxeecA9ikbl4yB6ETGzM0y:a+U6OZeh9cA/lV6ETGw0y

Score

10^/10

icedid banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2c59a019fc71eaa1c00220cb7a19bfde_JaffaCakes118.dll

Resource

win7-20240215-en

icedid banker loader trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

2c59a019fc71eaa1c00220cb7a19bfde_JaffaCakes118.dll

Resource

win10v2004-20240508-en

icedid banker loader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

ldrshekel.casa

Targets

- Target
  
  2c59a019fc71eaa1c00220cb7a19bfde_JaffaCakes118
- Size
  
  214KB
- MD5
  
  2c59a019fc71eaa1c00220cb7a19bfde
- SHA1
  
  870082e0c3a2a9a06ef9dce655f500d02ed0790c
- SHA256
  
  ad91cc0f5f38735a2a88df59382b93919a0f3112cae592f4a0477e20ef414469
- SHA512
  
  aeb2dba7cc52356eba30fd146bfe6ffe370b23f293913bd1fdf430aa0d8ec1cb4f289c06e2d6399a7ba7eb9eaa2142b8b5cbcdff1458719086097329d8ff002d
- SSDEEP
  
  6144:54+U6OuUhTIXJnxeecA9ikbl4yB6ETGzM0y:a+U6OZeh9cA/lV6ETGw0y
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy