General

  • Target

    2024-12-23_f3b41bdf446da20ec4a69b75553de00c_icedid

  • Size

    492KB

  • Sample

    241223-w6z2gaxlgr

  • MD5

    f3b41bdf446da20ec4a69b75553de00c

  • SHA1

    5a76ff6d33c3deea147b2aee40f81b852d05a547

  • SHA256

    0931164fd8dd8d00dcc552cd49c7906ad4daea838e534331f59c562e9ec9124b

  • SHA512

    58c796eabe0d90ca9d2bfc40fd8cdb04501ba461e4466364a91e080012a51ed0a81deed64acf12b8055955ec085a95653316aec7fb7f25a71a808f723e1337bd

  • SSDEEP

    6144:DY352aQ3hklPFghZqqdd2P1MmUncrxspxWlZ7XPNUXfpoW37kXQx:DG52rkDg/TdEY4XPWxoW37Yq

Malware Config

Targets

    • Target

      2024-12-23_f3b41bdf446da20ec4a69b75553de00c_icedid

    • Size

      492KB

    • MD5

      f3b41bdf446da20ec4a69b75553de00c

    • SHA1

      5a76ff6d33c3deea147b2aee40f81b852d05a547

    • SHA256

      0931164fd8dd8d00dcc552cd49c7906ad4daea838e534331f59c562e9ec9124b

    • SHA512

      58c796eabe0d90ca9d2bfc40fd8cdb04501ba461e4466364a91e080012a51ed0a81deed64acf12b8055955ec085a95653316aec7fb7f25a71a808f723e1337bd

    • SSDEEP

      6144:DY352aQ3hklPFghZqqdd2P1MmUncrxspxWlZ7XPNUXfpoW37kXQx:DG52rkDg/TdEY4XPWxoW37Yq

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

    • Trickbot family

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

MITRE ATT&CK Enterprise v15

Tasks