General

  • Target

    2024-09-03_58ba75e450aeb628b22394c0daafbe2a_icedid

  • Size

    523KB

  • Sample

    240903-tzbdes1cqp

  • MD5

    58ba75e450aeb628b22394c0daafbe2a

  • SHA1

    484c19427f25874af502f8af15f48dd32bce8f4f

  • SHA256

    2af2a7486d3c4e43c3aa46c0bf7e2765b7b2514510753ed2d2f91fe3cd22dfcf

  • SHA512

    5a76bedffab38ce7b8ba108de914db27fc9787c16e0aa400af48682a65b003c76445129807fbb8fa462d7df28efdef21acb202867f4a349ecaf09cf4995e77fa

  • SSDEEP

    12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYE3/y8gRYdqHbmJ:ZXQUIsQpMsequrmGCyGk7mJ

Targets

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up the country code configured in the registry, likely for geofencing.

    • Executes dropped EXE

    • Loads dropped DLL
