General

  • Target

    2024-09-03_8c9556689d28163d147850cac444d036_icedid

  • Size

    529KB

  • Sample

    240903-cgqxqavhjg

  • MD5

    8c9556689d28163d147850cac444d036

  • SHA1

    f7ddbc1c1f8c2b8b2ce8392811ab2b3462a169dd

  • SHA256

    dcdd61c12ce700f9836cd2dc14eeaa206f1cc140730a26db0a02984945604618

  • SHA512

    dd824ac928555fc135a938be5ffed4dcb237541799ba906b99cde8f4d27dca3d12e54bfb3345c2396493c97540272c9c8fdb8a1993dff92a019d7a2aece2a6a3

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttY3NoPpO0F4n:ZXQUIsQpMsequrmG3NoxO0FC

Targets

    • Target

      2024-09-03_8c9556689d28163d147850cac444d036_icedid

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
