icedid | aaea38a5b591827a5f130f7c72419d1078739db4d084529b11f058e69611f198 | Triage

Sharing

General

Target

7428896161.zip
Size

164KB
Sample

220516-z5yzkahgh6
MD5

d1363120d675ab7609adef926159893c
SHA1

fde2d2c2a241c9df6c694e245324ef4af771d5b3
SHA256

aaea38a5b591827a5f130f7c72419d1078739db4d084529b11f058e69611f198
SHA512

dfea06064839e5d14afbb5eac66b559ed8bdcea07ae2868843a669869d2eb4b777d95450df9adc790b56231d51df1cd2a8fb23e244a583dc81bf6e808bd05313

Score

10^/10

icedid 758198863 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

758198863

C2

hulojipo.store

lakebikerool.com

comradespoon.com

zmekiloder.site

Attributes

auth_var
6
url_path
/news/

Targets

- Target
  
  297ef9fdd49ee3cb02deadb685ccba0848482459aa6a8d8555289add02649514
- Size
  
  305KB
- MD5
  
  3318fca7c4ab041cb0e913322472a916
- SHA1
  
  10d7ae35545b3c71afcee71965bed70a88187a99
- SHA256
  
  297ef9fdd49ee3cb02deadb685ccba0848482459aa6a8d8555289add02649514
- SHA512
  
  1d8f2d6f252f96ca711db44cad2fd2cc7d119200af5ff71b65957922d6353a30f57dc91345f62e47cd39928dc19390f37befce3a01ec9f04444f7fb446ad3ccb
Score

10^/10

icedid 758198863 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid758198863bankercore_loadertrojan

behavioral2

icedid758198863bankercore_loadertrojan