icedid | 23c78e805bd910b9f4af543b4f6079b4f02241ed808cca9f76a42465a73e4811 | Triage

Sharing

General

Target

23c78e805bd910b9f4af543b4f6079b4f02241ed808cca9f76a42465a73e4811
Size

503KB
Sample

220225-ajdztsfbhm
MD5

484d9615f10be93fe9e5fe475f4bcdc5
SHA1

3f5d2f28365ad8a2f3d6ecbfe5473bc74aa30b60
SHA256

23c78e805bd910b9f4af543b4f6079b4f02241ed808cca9f76a42465a73e4811
SHA512

8d3474b1dce09e0930be89d4edcc6387bc348a2a8b8c0545392a8a8e4d4e409ddd3b858ba018aa6031a39253ac619c9ea94969e59a52b42ff3739a5249d7bb2b

Score

10^/10

icedid 3106999479 banker trojan

Malware Config

Extracted

Family

icedid

Botnet

3106999479

C2

balliordan.com

oprenfirst.com

loremurs.com

Attributes

auth_var
17
url_path
/news/

Targets

- Target
  
  23c78e805bd910b9f4af543b4f6079b4f02241ed808cca9f76a42465a73e4811
- Size
  
  503KB
- MD5
  
  484d9615f10be93fe9e5fe475f4bcdc5
- SHA1
  
  3f5d2f28365ad8a2f3d6ecbfe5473bc74aa30b60
- SHA256
  
  23c78e805bd910b9f4af543b4f6079b4f02241ed808cca9f76a42465a73e4811
- SHA512
  
  8d3474b1dce09e0930be89d4edcc6387bc348a2a8b8c0545392a8a8e4d4e409ddd3b858ba018aa6031a39253ac619c9ea94969e59a52b42ff3739a5249d7bb2b
Score

10^/10

icedid 3106999479 banker trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3106999479bankertrojan

behavioral2

icedid3106999479bankertrojan