icedid | bdfd56dd91992dd1030ace8033d499613a6ce86e05439de10201ecb97b3ad810 | Triage

Sharing

General

Target

files.zip
Size

380KB
Sample

211124-dnbxtafae7
MD5

2aff871ea2a4ad1cec4bb4514a1b3956
SHA1

d9e92eec2e566745b75bd155e6c59269440c18c4
SHA256

bdfd56dd91992dd1030ace8033d499613a6ce86e05439de10201ecb97b3ad810
SHA512

4969866f83bea8cdbab7e676aec4b168bf91d0ba8da54be04528323953fce9ab459bd8247dab158c375f4b6cb16cf30e6cd804a7f31e2ab06029db7b7b2505a2

Score

10^/10

icedid 2237127122 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

2237127122

C2

lokidasterreno.site

burgomustopr.rest

lopityr4.pw

rocesdilin.top

Attributes

auth_var
5
url_path
/posts/

Targets

- Target
  
  owbuan.dll
- Size
  
  60KB
- MD5
  
  4ac67d34ccfd7dfa762c1ba106570da5
- SHA1
  
  83dfa1d3b9a6977e46f9da817676e7fa30842cbd
- SHA256
  
  c0d50566684e85a72d12218977eee4877ac4a965df86333bc32aa54fa5032f39
- SHA512
  
  4aeeb375a4ba9cf7aae36f8ac8c389f29664b2c1ff11c6e111c0c4f716b69597e4a050017ae2b386fbbfe60e71422ceadef5e8f7d72b3b12683fb8894c256ea5
Score

1^/10
behavioral1 behavioral2
- Target
  
  run.bat
- Size
  
  108B
- MD5
  
  c889cd7bf3f3a9e3a11961e4bb3fe490
- SHA1
  
  2ddc53c7486416bd44ec1891b421141b80841beb
- SHA256
  
  8132984f843519aed08d7f32deb33cb534fa08e804530ef72ca0b4c12643e123
- SHA512
  
  8440b2cf5d0b1ded51174d2fe18e12fe35294eb1553d800a5bb98e7e153911f4d16bca347ba1005e82e10b07231026a0a456acdf9af8f5060f2fc9b71425afdc
Score

10^/10

icedid 2237127122 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

icedid2237127122bankertrojan

behavioral4

icedid2237127122bankertrojan