icedid | 8efa3aea51c2da764f118b7808fa096c3e3a841b676b1e046cdd6ad50cf8af3d | Triage

Submit
Reports

Overview

overview

Static

static

3

7a946bfc8c...18.dll

windows7-x64

7a946bfc8c...18.dll

windows10-2004-x64

Sharing

General

Target

7a946bfc8ca85ad16bf66ecabb4ccdec_JaffaCakes118
Size

214KB
Sample

240527-z9jqfabf77
MD5

7a946bfc8ca85ad16bf66ecabb4ccdec
SHA1

0c5014dcdcf28f11f31c13e3fb3ef6ae5559f628
SHA256

8efa3aea51c2da764f118b7808fa096c3e3a841b676b1e046cdd6ad50cf8af3d
SHA512

f667e6badebdc6a8bc677bb54f073112b70b7896c41b04d40a47880d5ccb47082996fc2e04aeabb55888d92d269a3b1d650bdf190eb25f058560a311cbd326c3
SSDEEP

6144:54+U6OuNhTIXJnxeecA9ikbl4yB6ETGzM0yT:a+U6Oseh9cA/lV6ETGw0yT

Score

10^/10

icedid banker loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

7a946bfc8ca85ad16bf66ecabb4ccdec_JaffaCakes118.dll

Resource

win7-20240221-en

icedid banker loader trojan

windows7-x64

4 signatures

150 seconds

Behavioral task

behavioral2

Sample

7a946bfc8ca85ad16bf66ecabb4ccdec_JaffaCakes118.dll

Resource

win10v2004-20240508-en

icedid banker loader trojan

windows10-2004-x64

4 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

ldrshekel.casa

Targets

- Target
  
  7a946bfc8ca85ad16bf66ecabb4ccdec_JaffaCakes118
- Size
  
  214KB
- MD5
  
  7a946bfc8ca85ad16bf66ecabb4ccdec
- SHA1
  
  0c5014dcdcf28f11f31c13e3fb3ef6ae5559f628
- SHA256
  
  8efa3aea51c2da764f118b7808fa096c3e3a841b676b1e046cdd6ad50cf8af3d
- SHA512
  
  f667e6badebdc6a8bc677bb54f073112b70b7896c41b04d40a47880d5ccb47082996fc2e04aeabb55888d92d269a3b1d650bdf190eb25f058560a311cbd326c3
- SSDEEP
  
  6144:54+U6OuNhTIXJnxeecA9ikbl4yB6ETGzM0yT:a+U6Oseh9cA/lV6ETGw0yT
Score

10^/10

icedid banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedidbankerloadertrojan

behavioral2

icedidbankerloadertrojan

© 2018-2024

Terms | Privacy