Overview

overview

10

Static

static

3

c53fe60ca1...18.dll

windows7-x64

10

c53fe60ca1...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c53fe60ca1b3b60357707c707fd4376d_JaffaCakes118

  • Size

    211KB

  • Sample

    240827-sp1pwsxcka

  • MD5

    c53fe60ca1b3b60357707c707fd4376d

  • SHA1

    81f8d20e74ce9ac1aac4595a32512d670b533ad4

  • SHA256

    74c2d430eb964fbf5b3a1e37bb6f8770e571ef8998f71d945a479bba4a42d2cc

  • SHA512

    2079cd98b135323aa7a625419f48423186c7f2bf4a663729f89aed6baa0fed9627d7975871991cfa6b273c97ca58f5f33c144ef5d9e2c7e41ee5ae4ee5700890

  • SSDEEP

    6144:6ZLw6yyWMa3NIBkL6LDW8dTZdw702edvxiuYOO6umz4N:6ZLw6yyHadIBkLIi8dTL2SvguYOO1mkN

Score
10/10
icedidbankerdiscoveryloadertrojan

Malware Config

Extracted

Family

icedid

C2

ldrstar.casa

Targets

    • Target

      c53fe60ca1b3b60357707c707fd4376d_JaffaCakes118

    • Size

      211KB

    • MD5

      c53fe60ca1b3b60357707c707fd4376d

    • SHA1

      81f8d20e74ce9ac1aac4595a32512d670b533ad4

    • SHA256

      74c2d430eb964fbf5b3a1e37bb6f8770e571ef8998f71d945a479bba4a42d2cc

    • SHA512

      2079cd98b135323aa7a625419f48423186c7f2bf4a663729f89aed6baa0fed9627d7975871991cfa6b273c97ca58f5f33c144ef5d9e2c7e41ee5ae4ee5700890

    • SSDEEP

      6144:6ZLw6yyWMa3NIBkL6LDW8dTZdw702edvxiuYOO6umz4N:6ZLw6yyHadIBkLIi8dTL2SvguYOO1mkN

    Score
    10/10
    icedidbankerdiscoveryloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • IcedID First Stage Loader

      loader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks