Overview

overview

10

Static

static

3

2024-08-23...id.exe

windows7-x64

10

2024-08-23...id.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-08-23_d433c822a61c25a61e4a61452776c2b7_icedid

  • Size

    518KB

  • Sample

    240823-3dv1datand

  • MD5

    d433c822a61c25a61e4a61452776c2b7

  • SHA1

    ce6480b3c78de7a84856704854a5d6df3263d311

  • SHA256

    d7e66870da06c1daea4abaf507d15a87c1bc57a1adac0009f4191b58f95b04e2

  • SHA512

    b6e5626da54b991b1f6b6d80e421af55408ad683a8c9a36e59355539b1b02f89a231a32f2f3b7f139607dc77396085f2cf18397190e3387aa56f611539d83d8c

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttY8w+77uHyK+Lv:ZXQUIsQpMsequrmGWfCyK+b

Score
10/10
trickbotbankerdiscoverytrojan

Malware Config

Targets

    • Target

      2024-08-23_d433c822a61c25a61e4a61452776c2b7_icedid

    • Size

      518KB

    • MD5

      d433c822a61c25a61e4a61452776c2b7

    • SHA1

      ce6480b3c78de7a84856704854a5d6df3263d311

    • SHA256

      d7e66870da06c1daea4abaf507d15a87c1bc57a1adac0009f4191b58f95b04e2

    • SHA512

      b6e5626da54b991b1f6b6d80e421af55408ad683a8c9a36e59355539b1b02f89a231a32f2f3b7f139607dc77396085f2cf18397190e3387aa56f611539d83d8c

    • SSDEEP

      12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttY8w+77uHyK+Lv:ZXQUIsQpMsequrmGWfCyK+b

    Score
    10/10
    trickbotbankerdiscoverytrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks