icedid | e2e3faccd2903f8c8a9006222089cc0150bd405a8f2159386cae470cc9fed20b | Triage

Sharing

General

Target

icedid.zip
Size

458KB
Sample

220521-gwwhzadeeq
MD5

739f25c8b474e708f4b1dee4d7b193aa
SHA1

e67fe068fa3986ba86d040e7db6ca44a1e93d49e
SHA256

e2e3faccd2903f8c8a9006222089cc0150bd405a8f2159386cae470cc9fed20b
SHA512

13bd2e44cd01e20acb63781d5aa57ff6fd1e4241f88ace78cbaaf1087906d3c7ede5b012868ca3f2a4454edea6c089b7d3b5b8b8a799b35a880b181600a21b42

Score

10^/10

icedid 2406015698 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2406015698

C2

commamimubebe.site

asredetyr.site

aszepolityu.fun

likoportio.fun

Attributes

auth_var
6
url_path
/news/

Targets

- Target
  
  core.bat
- Size
  
  73B
- MD5
  
  b8f2d8e526026d4a189eeca714b5dfc0
- SHA1
  
  ab74f4367561ce11c38377923d9d26f8d23de262
- SHA256
  
  b66fa4afd421fc5acd6e1a6855857209e37b2cd18703831a85b286da5f685fbf
- SHA512
  
  3c99b4da1e4e085aba8044d57e3f58695fecbcceb670f9f4cf59e7d1cf641f1a740daad4a9bcf2055f6c28709425301563c36f6046bd0e15f6876b7a2b70feb2
Score

10^/10

icedid 2406015698 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2406015698bankercore_loadertrojan