icedid | ea2d23a8c4bc9ad4c34b8a20823f8b4db812fb1a7ed96b2cd4a7d67daa2bf2fa | Triage

Submit
Reports

Overview

overview

Static

static

3

92a017789e...18.dll

windows7-x64

92a017789e...18.dll

windows10-2004-x64

Sharing

General

Target

92a017789e4750f002668d6132bb22e4_JaffaCakes118
Size

267KB
Sample

240813-l6l5haxeka
MD5

92a017789e4750f002668d6132bb22e4
SHA1

087df5939e6337e1cb0dd144a42f48531af05904
SHA256

ea2d23a8c4bc9ad4c34b8a20823f8b4db812fb1a7ed96b2cd4a7d67daa2bf2fa
SHA512

d7f43245de807258d7b48b40e449d4a1c7eb297ac7d66a31a198028afec9d8c3b972600e94bf4089e43c214cf3032f9b58b599e1a0cffff7bdc8857b3b43dd2e
SSDEEP

3072:WKCvsQ1ZkyvvaVP5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoC+vytr7UtkiBvPLiAOg3kaeXV6y

Score

10^/10

icedid banker discovery loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

92a017789e4750f002668d6132bb22e4_JaffaCakes118.dll

Resource

win7-20240704-en

icedid banker discovery loader trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

92a017789e4750f002668d6132bb22e4_JaffaCakes118.dll

Resource

win10v2004-20240802-en

icedid banker discovery loader trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

wertigohol.click

Targets

- Target
  
  92a017789e4750f002668d6132bb22e4_JaffaCakes118
- Size
  
  267KB
- MD5
  
  92a017789e4750f002668d6132bb22e4
- SHA1
  
  087df5939e6337e1cb0dd144a42f48531af05904
- SHA256
  
  ea2d23a8c4bc9ad4c34b8a20823f8b4db812fb1a7ed96b2cd4a7d67daa2bf2fa
- SHA512
  
  d7f43245de807258d7b48b40e449d4a1c7eb297ac7d66a31a198028afec9d8c3b972600e94bf4089e43c214cf3032f9b58b599e1a0cffff7bdc8857b3b43dd2e
- SSDEEP
  
  3072:WKCvsQ1ZkyvvaVP5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoC+vytr7UtkiBvPLiAOg3kaeXV6y
Score

10^/10

icedid banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerdiscoveryloadertrojan

behavioral2

icedidbankerdiscoveryloadertrojan

© 2018-2025

Terms | Privacy