icedid | e90eca8b9323c5df35d64897a69bd29c96d6b0bc9b373cd98bd6c317cca17abb | Triage

Sharing

General

Target

e90eca8b9323c5df35d64897a69bd29c96d6b0bc9b373cd98bd6c317cca17abb
Size

160KB
Sample

220427-xv663shgb4
MD5

237b67b8bb108854f88fdac7849ed0ff
SHA1

ee87823a0312914fa267b2da6d46caccb5fab1ae
SHA256

e90eca8b9323c5df35d64897a69bd29c96d6b0bc9b373cd98bd6c317cca17abb
SHA512

4e839f08304149ed32f8f72d8c3ee3ae906ddc767324e788d15445c56cfa8b907053f59e530f9301d51538dc7cbfa377368a7cbd8efffb5ca325ce466468c519

Score

10^/10

icedid 4221486031 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

4221486031

C2

xijsry.com

zanokiryq.com

gladmitter.com

Attributes

auth_var
2
url_path
/news/

Targets

- Target
  
  e90eca8b9323c5df35d64897a69bd29c96d6b0bc9b373cd98bd6c317cca17abb
- Size
  
  160KB
- MD5
  
  237b67b8bb108854f88fdac7849ed0ff
- SHA1
  
  ee87823a0312914fa267b2da6d46caccb5fab1ae
- SHA256
  
  e90eca8b9323c5df35d64897a69bd29c96d6b0bc9b373cd98bd6c317cca17abb
- SHA512
  
  4e839f08304149ed32f8f72d8c3ee3ae906ddc767324e788d15445c56cfa8b907053f59e530f9301d51538dc7cbfa377368a7cbd8efffb5ca325ce466468c519
Score

10^/10

icedid 4221486031 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

icedid4221486031bankercore_loadertrojan