icedid | 1ba120d35654b6bd0559147c467d063c0e5c484c5940ac6505953a32d8fef917 | Triage

Submit
Reports

Overview

overview

Static

static

3

f4cea8a52a...0N.dll

windows7-x64

f4cea8a52a...0N.dll

windows10-2004-x64

Sharing

General

Target

f4cea8a52aa64b95c9d0bf6c3396a1b0N.exe
Size

188KB
Sample

240907-nfk6ma1fqq
MD5

f4cea8a52aa64b95c9d0bf6c3396a1b0
SHA1

397b1dadfa55af99d845e5b4c4f2fcb76f814816
SHA256

1ba120d35654b6bd0559147c467d063c0e5c484c5940ac6505953a32d8fef917
SHA512

bfaa8794dd2cf96574232c20a0025058f8ca21a9cd7b4c361b4ec11d563ae978b4702a6d1ad598974cd7646696c839532a741006d797bcdf2532ae015b09b010
SSDEEP

3072:AibFFA003t401K/EKK0LKA7/D5N+gHPVcbW6GGix93yYDB:AIo3DAs0L1VXafix9P

Score

10^/10

icedid banker discovery loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f4cea8a52aa64b95c9d0bf6c3396a1b0N.dll

Resource

win7-20240903-en

icedid banker discovery loader trojan

windows7-x64

5 signatures

120 seconds

Behavioral task

behavioral2

Sample

f4cea8a52aa64b95c9d0bf6c3396a1b0N.dll

Resource

win10v2004-20240802-en

icedid banker discovery loader trojan

windows10-2004-x64

5 signatures

120 seconds

Malware Config

Extracted

Family

icedid

C2

loadlisboa.casa

Targets

- Target
  
  f4cea8a52aa64b95c9d0bf6c3396a1b0N.exe
- Size
  
  188KB
- MD5
  
  f4cea8a52aa64b95c9d0bf6c3396a1b0
- SHA1
  
  397b1dadfa55af99d845e5b4c4f2fcb76f814816
- SHA256
  
  1ba120d35654b6bd0559147c467d063c0e5c484c5940ac6505953a32d8fef917
- SHA512
  
  bfaa8794dd2cf96574232c20a0025058f8ca21a9cd7b4c361b4ec11d563ae978b4702a6d1ad598974cd7646696c839532a741006d797bcdf2532ae015b09b010
- SSDEEP
  
  3072:AibFFA003t401K/EKK0LKA7/D5N+gHPVcbW6GGix93yYDB:AIo3DAs0L1VXafix9P
Score

10^/10

icedid banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerdiscoveryloadertrojan

behavioral2

icedidbankerdiscoveryloadertrojan

© 2018-2024

Terms | Privacy