Overview

overview

10

Static

static

3

91fce90678...18.exe

windows7-x64

10

91fce90678...18.exe

windows10-2004-x64

10

Analysis

  • max time kernel
    148s
  • max time network
    149s
  • platform
    windows7_x64
  • resource
    win7-20240221-en
  • resource tags

    arch:x64arch:x86image:win7-20240221-enlocale:en-usos:windows7-x64system
  • submitted
    03-06-2024 13:41

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    91fce90678f482ca077d50437301495f_JaffaCakes118.exe

  • Size

    185KB

  • MD5

    91fce90678f482ca077d50437301495f

  • SHA1

    b1d79d4f72dd45720925a4e35d9193724771bc33

  • SHA256

    4aa11721ca11223bc5dd7d756c7fe5cc9d2d05d7e20f1e0b66c68fd0d59fb172

  • SHA512

    bd06c0dcbb40d86346279ae7447c928309c9062373a0905a4b027913dd9920d0b627b47d56bdcfa1cf05aaea840c4d40ae08b97f2c382edb8b40fc2a5fec1133

  • SSDEEP

    3072:OqYoSNUf3osdx8fB89cmFLou4OYK4CuJfyRkX8ckqzI2WDO+4CUKcWiP6sQTxmSF:jSN0okx8fB4Lou2suJfyRSkqzI2WDO+o

Score
10/10
icedidbankerloadertrojan

Malware Config

Extracted

Family

icedid

Signatures

  • IcedID, BokBot

    IcedID is a banking trojan capable of stealing credentials.

    trojanbankericedid
  • IcedID Second Stage Loader 1 IoCs
    loader

Processes

  • C:\Users\Admin\AppData\Local\Temp\91fce90678f482ca077d50437301495f_JaffaCakes118.exe
    "C:\Users\Admin\AppData\Local\Temp\91fce90678f482ca077d50437301495f_JaffaCakes118.exe"
    1⤵
      PID:2868

    Network

    MITRE ATT&CK Matrix

    Replay Monitor

    Loading Replay Monitor...

    Downloads

    • memory/2868-0-0x00000000001FC000-0x0000000000200000-memory.dmp

      Filesize

      16KB

      Download

    • memory/2868-1-0x00000000001E0000-0x0000000000DBC000-memory.dmp

      Filesize

      11.9MB

      Download