General

  • Target

    2024-09-03_35ab77b200653642662f40f4a0c8d5db_icedid

  • Size

    523KB

  • Sample

    240903-cf4r7avgnh

  • MD5

    35ab77b200653642662f40f4a0c8d5db

  • SHA1

    ef4d59200b96f946ae9b98085cb3bc6074dba8e6

  • SHA256

    8f8334bce52065890c46f3a631bbc43e0f0c4cb46c4ff958b61ecaae787fc095

  • SHA512

    441d77148297ebe5383175cbd075df4ac58476f671ccaf2e7ab00a77b0acca173821c7ed589ba044967a7e45baee510025a03dd9d53a24679b5f99f9f3e97a47

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYLNly3anX:ZXQUIsQpMsequrmGLNI3oX

Targets

    • Target

      2024-09-03_35ab77b200653642662f40f4a0c8d5db_icedid

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
