Overview

overview

10

Static

static

3

JaffaCakes...9d.dll

windows7-x64

10

JaffaCakes...9d.dll

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    JaffaCakes118_e29aa8cf72742c0a12a4303c4a851a5e87f2287d186619c5c1135898ff12569d

  • Size

    345KB

  • Sample

    241223-va8s3avphn

  • MD5

    59ab158bff6aa69e3316e7cfe7b60403

  • SHA1

    9bd51ebcb57ca37dbe9a7ef4f810808e660f936a

  • SHA256

    e29aa8cf72742c0a12a4303c4a851a5e87f2287d186619c5c1135898ff12569d

  • SHA512

    4b813203257d4fbb159992f36dcf5e5fcef4d9e1a0f64293c0657e61ef36756967213305fe717da1463600c01cf334ae79cf6a2e7af28879da0a07f037496688

  • SSDEEP

    6144:l3zDUbuCM/zV1boMSThnjDEt+Ay15GaC14qQQd/ZzRzYNjNo/+qnA:l3iubgM618t+AyiaCdVdRtzYNjNo/+I

Score
10/10
icedidbankerdiscoveryloadertrojan

Malware Config

Extracted

Family

icedid

C2

redicilious.online

Targets

    • Target

      JaffaCakes118_e29aa8cf72742c0a12a4303c4a851a5e87f2287d186619c5c1135898ff12569d

    • Size

      345KB

    • MD5

      59ab158bff6aa69e3316e7cfe7b60403

    • SHA1

      9bd51ebcb57ca37dbe9a7ef4f810808e660f936a

    • SHA256

      e29aa8cf72742c0a12a4303c4a851a5e87f2287d186619c5c1135898ff12569d

    • SHA512

      4b813203257d4fbb159992f36dcf5e5fcef4d9e1a0f64293c0657e61ef36756967213305fe717da1463600c01cf334ae79cf6a2e7af28879da0a07f037496688

    • SSDEEP

      6144:l3zDUbuCM/zV1boMSThnjDEt+Ay15GaC14qQQd/ZzRzYNjNo/+qnA:l3iubgM618t+AyiaCdVdRtzYNjNo/+I

    Score
    10/10
    icedidbankerdiscoveryloadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid

    • Icedid family

      icedid

    • IcedID First Stage Loader

      loader

    • Blocklisted process makes network request

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks