A Deep Dive Into IcedID Malware: Part II – Analysis of the Core IcedID Payload (Parent Process)

In part I of the blog, I demonstrated how to unpack the IcedID malware, described the hooking and process injection techniques used by IcedID, and showed how to execute the IcedID payload. In this part, let's take a closer look at the core payload.

0x01 Overview Of The Payload

The following is

A Deep Dive Into IcedID Malware: Part I – Unpacking, Hooking and Process Injection

IcedID is a banking trojan that performs web injection in browsers and acts as a proxy to inspect and manipulate traffic. It steals information, such as credentials, from victims and then sends that stolen information to a remote server. Recently, the FortiGuard Labs team started to investigate some IcedID samples. In this
