icedid | d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58 | Triage

Sharing

General

Target

d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58
Size

74KB
Sample

211108-1eadysabgq
MD5

3766ceff9fad0d5ccd13b060ca5269bb
SHA1

8fc8b51db082bc0a34c6088322a070578fb4fb21
SHA256

d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58
SHA512

e132814c710195b9993331e9108b08aefe1e0a68572128509329e6747c3c948ebb8d52903b113ebb82a5868d66a0f282c116e05a61fd5c57c09447a8f235a105

Score

10^/10

icedid 1217670233 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

1217670233

C2

lakogrefop.rest

hangetilin.top

follytresh.co

zojecurf.store

Attributes

auth_var
14
url_path
/posts/

Targets

- Target
  
  d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58
- Size
  
  74KB
- MD5
  
  3766ceff9fad0d5ccd13b060ca5269bb
- SHA1
  
  8fc8b51db082bc0a34c6088322a070578fb4fb21
- SHA256
  
  d0ca2f465d8e620742682dbcc955e7a52e20d71333483d31379d776e1ef0be58
- SHA512
  
  e132814c710195b9993331e9108b08aefe1e0a68572128509329e6747c3c948ebb8d52903b113ebb82a5868d66a0f282c116e05a61fd5c57c09447a8f235a105
Score

10^/10

icedid 1217670233 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1217670233bankertrojan