General

  • Target

    2024-07-06_0fe9a8297f63bc76da89b5b3c7fb228e_icedid

  • Size

    956KB

  • Sample

    240706-btdx9a1gpn

  • MD5

    0fe9a8297f63bc76da89b5b3c7fb228e

  • SHA1

    0eab8773591fdac7ecade3a4f52755d794e8db56

  • SHA256

    b8facee9269812621dc5fded0ce2cec292220ed3ffa114d2420863051d7f9488

  • SHA512

    94f45793f6d9239561efeb6dbb832f59c911e6f1f5becdcaf770042677104ef045edf8be473db87c018c3e1f448ce5c89cfbb7cbe9be8ae73fca5419f363a7a5

  • SSDEEP

    12288:7mJIkZqyOW6GHbBm0TezQjiFOnnXPA8JLp8jDmrgR42Uf+nFV1XE:7mikUyR6ebw06z4o8Jwm+E+nT

Malware Config

Targets

    • Target

      2024-07-06_0fe9a8297f63bc76da89b5b3c7fb228e_icedid

    • Size

      956KB

    • MD5

      0fe9a8297f63bc76da89b5b3c7fb228e

    • SHA1

      0eab8773591fdac7ecade3a4f52755d794e8db56

    • SHA256

      b8facee9269812621dc5fded0ce2cec292220ed3ffa114d2420863051d7f9488

    • SHA512

      94f45793f6d9239561efeb6dbb832f59c911e6f1f5becdcaf770042677104ef045edf8be473db87c018c3e1f448ce5c89cfbb7cbe9be8ae73fca5419f363a7a5

    • SSDEEP

      12288:7mJIkZqyOW6GHbBm0TezQjiFOnnXPA8JLp8jDmrgR42Uf+nFV1XE:7mikUyR6ebw06z4o8Jwm+E+nT

    • Blackmoon, KrBanker

      Blackmoon, also known as KrBanker, is a banking trojan first discovered in early 2014.

    • Detect Blackmoon payload

    • Checks computer location settings

      Looks up the country code configured in the registry, likely a geofence.

    • Deletes itself

    • Executes dropped EXE

    • Loads dropped DLL

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

MITRE ATT&CK Enterprise v15

Tasks