Banking Malware

Detection Engineering Reverse Engineering Threat Hunting

IcedID – Technical Analysis of an IcedID Lightweight x64 DLL

My first public malware research was regarding an x32 PE stager (exe) from the IcedID family. In this research I analyzed three samples from different years, with the aim of identifying code reuse and developing a Yara signature capable of detecting any IcedID sample, based on fixed code patterns that persist over the years. So you […]


Detection Engineering Malware Analysis Reverse Engineering

IcedID – Technical Malware Analysis [Second Stage]

In this report I will technically analyze the new IcedID malware, going deep through reverse engineering, debugging and detection engineering. Introduction The IcedID is a banking malware designed to steal financial information from its victims. The IcedID malware is also known by MITRE ATT&CK as S0483, and has been around since 2017. The IcedID has
