Overview

overview

10

Static

static

3

2025-02-13...id.exe

windows7-x64

10

2025-02-13...id.exe

windows10-2004-x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2025-02-13_21c01d076052e7a5e92dc9f2e9417512_icedid

  • Size

    492KB

  • Sample

    250213-16l7tswmgl

  • MD5

    21c01d076052e7a5e92dc9f2e9417512

  • SHA1

    68d358f4c4fa66119814d3118a14e91223c8fd65

  • SHA256

    5a876c475ae79335efb653a9d100d29190142743bf9a7f04ca6cdd2240610b35

  • SHA512

    68c48b2d2bcdf6ea80b8949569503278e9c48c14d9421ba821f085c59c395b324ebb5adad8eeaa6da23ada6ba66c0403108070a8a24232659756324269cf3a18

  • SSDEEP

    6144:BY352aQ3hklPFghZqqdd2PRMmUnpDUmwqO27fXjscN9Q9h8w2gyx7Ddp2q44:BG52rkDg/TdE+DUGXgEQI2yx+q

Score
10/10
trickbotbankerdiscoverytrojan

Malware Config

Targets

    • Target

      2025-02-13_21c01d076052e7a5e92dc9f2e9417512_icedid

    • Size

      492KB

    • MD5

      21c01d076052e7a5e92dc9f2e9417512

    • SHA1

      68d358f4c4fa66119814d3118a14e91223c8fd65

    • SHA256

      5a876c475ae79335efb653a9d100d29190142743bf9a7f04ca6cdd2240610b35

    • SHA512

      68c48b2d2bcdf6ea80b8949569503278e9c48c14d9421ba821f085c59c395b324ebb5adad8eeaa6da23ada6ba66c0403108070a8a24232659756324269cf3a18

    • SSDEEP

      6144:BY352aQ3hklPFghZqqdd2PRMmUnpDUmwqO27fXjscN9Q9h8w2gyx7Ddp2q44:BG52rkDg/TdE+DUGXgEQI2yx+q

    Score
    10/10
    trickbotbankerdiscoverytrojan

    • Trickbot

      Developed in 2016, TrickBot is one of the more recent banking Trojans.

      trojanbankertrickbot

    • Trickbot family

      trickbot

    • Trickbot x86 loader

      Detected Trickbot's x86 loader that unpacks the x86 payload.

    • Downloads MZ/PE file

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks