icedid | ab841fb070572fe43b2f8ffa33780efb15024e1ae70007e3bf86a3e73c223ddb | Triage

Sharing

General

Target

ab841fb070572fe43b2f8ffa33780efb15024e1ae70007e3bf86a3e73c223ddb
Size

45KB
Sample

220427-17xd7aegdn
MD5

81d5e0f3ab9555c2200ff53667996ca5
SHA1

448aae63ac99030a3c9445a81d38417f553d95fd
SHA256

ab841fb070572fe43b2f8ffa33780efb15024e1ae70007e3bf86a3e73c223ddb
SHA512

a9cacd5102cf2d6013bb9b8f95b13f8407f8ab2692ed8a7413f9c0beb4962957b26df771b23e5af10a38cbc4f0eb70a2bed6ce80a9566c880f140b26347a20c4

Score

10^/10

icedid 3415411565 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3415411565

C2

antnosience.com

seaskysafe.com

otectagain.top

dilimoretast.com

Attributes

auth_var
17
url_path
/news/

Targets

- Target
  
  ab841fb070572fe43b2f8ffa33780efb15024e1ae70007e3bf86a3e73c223ddb
- Size
  
  45KB
- MD5
  
  81d5e0f3ab9555c2200ff53667996ca5
- SHA1
  
  448aae63ac99030a3c9445a81d38417f553d95fd
- SHA256
  
  ab841fb070572fe43b2f8ffa33780efb15024e1ae70007e3bf86a3e73c223ddb
- SHA512
  
  a9cacd5102cf2d6013bb9b8f95b13f8407f8ab2692ed8a7413f9c0beb4962957b26df771b23e5af10a38cbc4f0eb70a2bed6ce80a9566c880f140b26347a20c4
Score

10^/10

icedid 3415411565 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3415411565bankercore_loadertrojan

behavioral2

icedid3415411565bankercore_loadertrojan