Overview

overview

10

Static

static

3

c7099a08c3...18.dll

windows7-x64

10

c7099a08c3...18.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    c7099a08c33eaa38fe744276500b30c6_JaffaCakes118

  • Size

    211KB

  • Sample

    240828-rtzgys1hjg

  • MD5

    c7099a08c33eaa38fe744276500b30c6

  • SHA1

    bac78fe403b18cc499336ee2779a89210ce387eb

  • SHA256

    23be804db20cb450cf53fc82143ac34b9e741035c511af3e5c9880e7b3a70b3a

  • SHA512

    0c42968b3638828095504e2bc30ef4970f75fcd074278ab2c5c732615621d3a9c72d7711ecbe70b8cd0f6c8ee876f24a35ed93171eecdef92b14e1b78e2ac6a1

  • SSDEEP

    6144:6ZLwyyyWMa3NIBkL6LDW8dTZdw702edvxiuYOO6umz4N:6ZLwyyyHadIBkLIi8dTL2SvguYOO1mkN

Score
10/10
icedidbankerdiscoveryloadertrojan

Malware Config

Extracted

Family

icedid

C2

ldrstar.casa

Targets

    • Target

      c7099a08c33eaa38fe744276500b30c6_JaffaCakes118

    • Size

      211KB

    • MD5

      c7099a08c33eaa38fe744276500b30c6

    • SHA1

      bac78fe403b18cc499336ee2779a89210ce387eb

    • SHA256

      23be804db20cb450cf53fc82143ac34b9e741035c511af3e5c9880e7b3a70b3a

    • SHA512

      0c42968b3638828095504e2bc30ef4970f75fcd074278ab2c5c732615621d3a9c72d7711ecbe70b8cd0f6c8ee876f24a35ed93171eecdef92b14e1b78e2ac6a1

    • SSDEEP

      6144:6ZLwyyyWMa3NIBkL6LDW8dTZdw702edvxiuYOO6umz4N:6ZLwyyyHadIBkLIi8dTL2SvguYOO1mkN

    Score
    10/10
    icedidbankerdiscoveryloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • IcedID First Stage Loader

      loader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks