icedid | bfcf04008a57918b9e08e5489fa0a8193f0bee747686d1105e560f366fba5189 | Triage

Submit
Reports

Overview

overview

Static

static

3

e78685a388...18.dll

windows7-x64

e78685a388...18.dll

windows10-2004-x64

Sharing

General

Target

e78685a388ca40a7593f4890370df604_JaffaCakes118
Size

267KB
Sample

240917-xytp6azeqb
MD5

e78685a388ca40a7593f4890370df604
SHA1

b203b716424fdc4e3d6037b7a6804d9366730a25
SHA256

bfcf04008a57918b9e08e5489fa0a8193f0bee747686d1105e560f366fba5189
SHA512

5b19c6f5ea971c89814d4379b53fea8e38220faf7ecfbf0a5cad9ad578cb22d102bfff7136744771be44979c6caed50d74f442dbb161eaff9299c623d0429945
SSDEEP

3072:WKCvsQ1ZkyvvaVx5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoCEvytr7UtkiBvPLiAOg3kaeXV6y

Score

10^/10

icedid banker discovery loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

e78685a388ca40a7593f4890370df604_JaffaCakes118.dll

Resource

win7-20240708-en

icedid banker discovery loader trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

e78685a388ca40a7593f4890370df604_JaffaCakes118.dll

Resource

win10v2004-20240802-en

icedid banker discovery loader trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

wertigohol.click

Targets

- Target
  
  e78685a388ca40a7593f4890370df604_JaffaCakes118
- Size
  
  267KB
- MD5
  
  e78685a388ca40a7593f4890370df604
- SHA1
  
  b203b716424fdc4e3d6037b7a6804d9366730a25
- SHA256
  
  bfcf04008a57918b9e08e5489fa0a8193f0bee747686d1105e560f366fba5189
- SHA512
  
  5b19c6f5ea971c89814d4379b53fea8e38220faf7ecfbf0a5cad9ad578cb22d102bfff7136744771be44979c6caed50d74f442dbb161eaff9299c623d0429945
- SSDEEP
  
  3072:WKCvsQ1ZkyvvaVx5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoCEvytr7UtkiBvPLiAOg3kaeXV6y
Score

10^/10

icedid banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerdiscoveryloadertrojan

behavioral2

icedidbankerdiscoveryloadertrojan

© 2018-2024

Terms | Privacy