icedid | 4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5 | Triage

Sharing

General

Target

4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5
Size

34KB
Sample

220427-xx7wdshgh4
MD5

646247f32385dd66dbe30e59b0bc957b
SHA1

55507ea39a2d354f9974f9580956d17161e4a87d
SHA256

4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5
SHA512

68333247ac448b5d7092a61c9d8c5f441be71fe96e1ca2fa3fd5f7849b3f9a4199e8c63080439bb41869f8432d3cf8908fe4deef84fb9d15237f01930ee2708b

Score

10^/10

icedid 3671205527 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3671205527

C2

blackferrow.com

orangegrande.com

Attributes

auth_var
1
url_path
/news/

Targets

- Target
  
  4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5
- Size
  
  34KB
- MD5
  
  646247f32385dd66dbe30e59b0bc957b
- SHA1
  
  55507ea39a2d354f9974f9580956d17161e4a87d
- SHA256
  
  4cadcd74980239a16474d3b4d30eaa8c89e49c1f6e1ab3314ea1465720c4bbd5
- SHA512
  
  68333247ac448b5d7092a61c9d8c5f441be71fe96e1ca2fa3fd5f7849b3f9a4199e8c63080439bb41869f8432d3cf8908fe4deef84fb9d15237f01930ee2708b
Score

10^/10

icedid 3671205527 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

icedid3671205527bankercore_loadertrojan