icedid | 14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08 | Triage

Sharing

General

Target

14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08
Size

158KB
Sample

211127-rvpzxabbgq
MD5

5cb0eef07236f9c8e1a283cad056d234
SHA1

c5a03189baae18cc31b41c4c6aa77b60cc34f423
SHA256

14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08
SHA512

52cb1ba1f77fc1eb6ac8e2c49fed7a415d01839b9ab7297c7cc5d640cd9d7b9f8fc59993627373c16eb0178d225859a0fac22c2083929ca4ee59fa4b0dbf3f39

Score

10^/10

icedid 81538452 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

81538452

C2

garrozalibbo.click

disponfirules.top

mislinororv.top

twistcolseza.top

Attributes

auth_var
8
url_path
/news/

Targets

- Target
  
  14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08
- Size
  
  158KB
- MD5
  
  5cb0eef07236f9c8e1a283cad056d234
- SHA1
  
  c5a03189baae18cc31b41c4c6aa77b60cc34f423
- SHA256
  
  14d95ca0c65a501530d76e66ac2d0afa0711e352476bd58e0204534af400fe08
- SHA512
  
  52cb1ba1f77fc1eb6ac8e2c49fed7a415d01839b9ab7297c7cc5d640cd9d7b9f8fc59993627373c16eb0178d225859a0fac22c2083929ca4ee59fa4b0dbf3f39
Score

10^/10

icedid 81538452 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid81538452bankertrojan

behavioral2

icedid81538452bankertrojan