core.zip

General
Target

core.zip

Size

349KB

Sample

210623-fa6mx24cr2

Score
10/10
MD5

d86fa85a9902573abc91b7bc80c96e1c

SHA1

1202c844cf83f8605380e6b5754b619a7de3a67a

SHA256

512b17c540c622e90879c8f382013187f6053a858381364367c258639b34b21e

SHA512

05d6becba206748c1d4440ce5766e5265a2d8f0746e858b61d314b390bd5ad8e1d5be94c0bbfd3b4b84ae5cd6e3ae4ac63e084379dea824731a6431ce4a77be5

Malware Config

Extracted

Family icedid
rsa_pubkey.plain

Extracted

Family icedid
Botnet 987543880
C2

fimlubindu.top

vindurualeg.top

bigcostarikas.top

extrimefigim.top

Attributes
auth_var
8
url_path
/news/
Targets
Target

core/cmd.bat

MD5

18922a31adfef9144b9c68694a211b48

Filesize

188B

Score
10/10
SHA1

1e63fbb6511e15ba07f555c11b2a05d63e49b5a3

SHA256

68867aec1fd8a6eb416081c747705e847de95c033f5b38eb57ea575c69397210

SHA512

573349edbae1baf769457402c65670b9d76facec7c056010a7b2a556d433d9176418cd4a2a39dd04654c3c4216019d27d47e15a6c1fd4f4fdcc57d5f98664a4a

Signatures

  • IcedID, BokBot

    Description

    IcedID is a banking trojan capable of stealing credentials.

  • Blocklisted process makes network request

Target

core/genre-64.dat

MD5

1a90ea27cf944e04b70ca2f3c92ab6d9

Filesize

48KB

Score
1/10
SHA1

3cdb8c31496d5de43fcd627077f98a5548a22627

SHA256

039a59bfb6b07872a7bba707045f9639d029c2009b4c4297af1526cdaa07d479

SHA512

a41b590e5b2b1bcf1c6e5db066b74eec41e29976a2193e2bffc0f96571888e86f44197e813dd78f8814e752b70466e18622c27ea050ed954b2bf639157fac535

MITRE ATT&CK Matrix

Collection, Command and Control, Credential Access, Defense Evasion, Discovery, Execution, Exfiltration, Impact, Initial Access, Lateral Movement, Persistence, Privilege Escalation

Tasks

static1

behavioral1

10/10

behavioral2

10/10

behavioral3

1/10

behavioral4

1/10