icedid | 174fedef472738f40a4e642fdd6c21fa68c3d2058e80efc63b0c1a683486f6c2 | Triage

Resubmissions

28-07-2021 10:22

210728-9hytehaj9s 10

26-07-2021 22:37

210726-1mt87gdfxe 10

Sharing

General

Target

174fedef472738f40a4e642fdd6c21fa68c3d2058e80efc63b0c1a683486f6c2
Size

158KB
Sample

210726-1mt87gdfxe
MD5

0120cbfca6034db079bffb470b28d2d6
SHA1

95c417050c62a842c53b11987cfb044fe153899a
SHA256

174fedef472738f40a4e642fdd6c21fa68c3d2058e80efc63b0c1a683486f6c2
SHA512

b271255d79a5203ea9f924cac138130c9bbec82cc81f26ac7404cec18c5abf9d37b1f7b68597e82ee449138b1136bda227592b6c204657c3ab17a30adb5b3a7f

Score

10^/10

icedid 81538452 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

81538452

C2

garrozalibbo.click

disponfirules.top

mislinororv.top

twistcolseza.top

Attributes

auth_var
8
url_path
/news/

Targets

- Target
  
  174fedef472738f40a4e642fdd6c21fa68c3d2058e80efc63b0c1a683486f6c2
- Size
  
  158KB
- MD5
  
  0120cbfca6034db079bffb470b28d2d6
- SHA1
  
  95c417050c62a842c53b11987cfb044fe153899a
- SHA256
  
  174fedef472738f40a4e642fdd6c21fa68c3d2058e80efc63b0c1a683486f6c2
- SHA512
  
  b271255d79a5203ea9f924cac138130c9bbec82cc81f26ac7404cec18c5abf9d37b1f7b68597e82ee449138b1136bda227592b6c204657c3ab17a30adb5b3a7f
Score

10^/10

icedid 81538452 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid81538452bankertrojan

behavioral2

icedid81538452bankertrojan