icedid | 887a73dd182c064135d8451dc7a1c04b9dd19c89e1ec012b5dd22bac52116e6a | Triage

Submit
Reports

Overview

overview

Static

static

3

f46f78ca95...18.dll

windows7-x64

f46f78ca95...18.dll

windows10-2004-x64

Sharing

General

Target

f46f78ca95597fffeff734068e6ba681_JaffaCakes118
Size

267KB
Sample

240924-y4mpgawgqa
MD5

f46f78ca95597fffeff734068e6ba681
SHA1

5abe992df37b86efe5f7a1e019f101ee135a8a76
SHA256

887a73dd182c064135d8451dc7a1c04b9dd19c89e1ec012b5dd22bac52116e6a
SHA512

11ae1d7f2d4abd01866c09e44a028dcc2902a0ec5365239681fef066f52b8b09059abfeabd3e1d2039f6149f7dd0adb1c344d195c15c4a95f6f63c599e5eb6cd
SSDEEP

3072:WKCvsQ1ZkyvvaVC5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoCJvytr7UtkiBvPLiAOg3kaeXV6y

Score

10^/10

icedid banker discovery loader trojan

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

f46f78ca95597fffeff734068e6ba681_JaffaCakes118.dll

Resource

win7-20240903-en

icedid banker discovery loader trojan

windows7-x64

5 signatures

150 seconds

Behavioral task

behavioral2

Sample

f46f78ca95597fffeff734068e6ba681_JaffaCakes118.dll

Resource

win10v2004-20240802-en

icedid banker discovery loader trojan

windows10-2004-x64

5 signatures

150 seconds

Malware Config

Extracted

Family

icedid

C2

wertigohol.click

Targets

- Target
  
  f46f78ca95597fffeff734068e6ba681_JaffaCakes118
- Size
  
  267KB
- MD5
  
  f46f78ca95597fffeff734068e6ba681
- SHA1
  
  5abe992df37b86efe5f7a1e019f101ee135a8a76
- SHA256
  
  887a73dd182c064135d8451dc7a1c04b9dd19c89e1ec012b5dd22bac52116e6a
- SHA512
  
  11ae1d7f2d4abd01866c09e44a028dcc2902a0ec5365239681fef066f52b8b09059abfeabd3e1d2039f6149f7dd0adb1c344d195c15c4a95f6f63c599e5eb6cd
- SSDEEP
  
  3072:WKCvsQ1ZkyvvaVC5wW760YyUu5VELUUtg7+HqOtTsTERJLGvumPOUIrLeAg0FujH:LQrkoCJvytr7UtkiBvPLiAOg3kaeXV6y
Score

10^/10

icedid banker discovery loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID First Stage Loader
  loader
- Blocklisted process makes network request
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedidbankerdiscoveryloadertrojan

behavioral2

icedidbankerdiscoveryloadertrojan

© 2018-2025

Terms | Privacy