General

  • Target

    2024-08-25_72be0100401efad0e7a5598cb4e25a02_icedid

  • Size

    521KB

  • Sample

    240825-rt1d9a1alp

  • MD5

    72be0100401efad0e7a5598cb4e25a02

  • SHA1

    d848be582c2f623c27363fe2cccae7caca4b4683

  • SHA256

    b046850945024a162e6ccea97e669eb945a7d6fd79e56a4757cd4a3799339e32

  • SHA512

    7bddca233e755ca275cb12ae409d6072bebfbb4317a6d50024f0bcdfe129029fbbfb91547a96e386af82a424dd9382d38915bf8a157f0892b65f72858d02534f

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYb5kNKjvvcIoS:ZXQUIsQpMsequrmGb5u6HHoS

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
