Overview

overview

10

Static

static

3

27330976e8...18.dll

windows7-x64

10

27330976e8...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    27330976e897b20cce8347152eac445a_JaffaCakes118

  • Size

    224KB

  • Sample

    240728-15bdyaxgnj

  • MD5

    27330976e897b20cce8347152eac445a

  • SHA1

    5827bcd96ea651b43ec0fabd84240c53ed9752bf

  • SHA256

    22015e9ad69ee50307e6eb4484181196070e36ab9fb46f5c8f883ffeffaa60e3

  • SHA512

    e45be7fe6b50893e9bb26e5d7deac0a6c2df1920056f34e81a90eb5744b8a544860285fbcd9a4df5a6b18de3ecf22b5bbedcaea759967802584807ef6643ab56

  • SSDEEP

    3072:U6VYA6I0oElwS9ciW+eM+ppv2LHFOp6+7bUSrtB0J3B1rq46vqDyPIKpPLq/M:UWxXElK+Spv2swSlt6JR1YSDuImq/M

Score
10/10
icedidbankerdiscoveryloadertrojan

Malware Config

Extracted

Family

icedid

C2

loadberlin.casa

Targets

    • Target

      27330976e897b20cce8347152eac445a_JaffaCakes118

    • Size

      224KB

    • MD5

      27330976e897b20cce8347152eac445a

    • SHA1

      5827bcd96ea651b43ec0fabd84240c53ed9752bf

    • SHA256

      22015e9ad69ee50307e6eb4484181196070e36ab9fb46f5c8f883ffeffaa60e3

    • SHA512

      e45be7fe6b50893e9bb26e5d7deac0a6c2df1920056f34e81a90eb5744b8a544860285fbcd9a4df5a6b18de3ecf22b5bbedcaea759967802584807ef6643ab56

    • SSDEEP

      3072:U6VYA6I0oElwS9ciW+eM+ppv2LHFOp6+7bUSrtB0J3B1rq46vqDyPIKpPLq/M:UWxXElK+Spv2swSlt6JR1YSDuImq/M

    Score
    10/10
    icedidbankerdiscoveryloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • IcedID First Stage Loader

      loader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks