General

  • Target

    2024-08-24_5a106e2509e020bfc01c09f163a90a2b_icedid

  • Size

    529KB

  • Sample

    240824-nrr4bazdpk

  • MD5

    5a106e2509e020bfc01c09f163a90a2b

  • SHA1

    f86aa0a80a4bc7c9ba63126cdca127a31cea455d

  • SHA256

    43725bb0b814e545ed4e20fe1d46061f24d50583abeb188a13949a6880e24d8d

  • SHA512

    e579378332dfdf5f6ba1fb9b6ec585d3f6b5b831baa2a056929e17c4bb4e8d5103fc76f4723d74f9e06f0537c623f1b56c1a17e9599e1c1f3b0c67f4ee627f42

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYWhOMtFqLklxNELg:ZXQUIsQpMsequrmGWhNfGGCg

Targets

    • Target

      2024-08-24_5a106e2509e020bfc01c09f163a90a2b_icedid

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
