icedid | 688a5177c303494aeedff97f2d6d8ef2a54ec5aeafbb7e862e21ea684afdb2b0 | Triage

Sharing

General

Target

7500996120.zip
Size

273KB
Sample

220523-144zvschdl
MD5

d3eddab3d2ed6d78f40fd6da1a96f94b
SHA1

fe44dd342f9991a26077f43c6254e4b43581d513
SHA256

688a5177c303494aeedff97f2d6d8ef2a54ec5aeafbb7e862e21ea684afdb2b0
SHA512

01feceb2c292243878ef7e711dc9e97f879c048c8811b09412ef4b212aaa77959f9e5cd2010803f28d9630cc2ba41a7285188f7a1057d7eb4c561ed1db76fd22

Score

10^/10

icedid 2352744503 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2352744503

C2

drefsunl.com

fruakij.com

neonverdicto.com

ferroparromo.fun

Attributes

auth_var
10
url_path
/news/

Targets

- Target
  
  fbfa75bf73c80f221042624aa908c9eb2f8729755d439c09a4e0f64b4c52785c
- Size
  
  535KB
- MD5
  
  40d3be07121a0a81dad3232e6e7c90da
- SHA1
  
  1cecea17a0cdbdf102c41b475ba7d71270e5aab7
- SHA256
  
  fbfa75bf73c80f221042624aa908c9eb2f8729755d439c09a4e0f64b4c52785c
- SHA512
  
  65c70f630f5522a5959e547b50c08fa2e520db9d5dcff54354dc395954a51c0d2abebd8b354e0bb1d8600495816aeac32d05bc7daf6a558395f949f98d07d37b
Score

10^/10

icedid 2352744503 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2352744503bankercore_loadertrojan

behavioral2

icedid2352744503bankercore_loadertrojan