icedid | 15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7 | Triage

Sharing

General

Target

15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7
Size

708KB
Sample

220524-rs7ryahhel
MD5

d50ed520e13ae1bcc86e2c8be3fbbf1d
SHA1

52e38ade4e9bfedb7a4e9ab36a175c7e6f5f9b50
SHA256

15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7
SHA512

80951bceabd01fd28c465fffab15435363ce436e510e2b00411a15a39219f4177d45e8b70fad6a0bb45366473a0722a2f3d40bd8cefb4d1722f5e8f87ad3b061

Score

10^/10

icedid 513366864 banker loader trojan

Malware Config

Extracted

Family

icedid

Botnet

513366864

C2

magnwnce.com

corposted.com

presifered.com

coujtried.com

molinaro.top

amongolia.com

jjanuatu.com

Attributes

auth_var
11
url_path
/index.php

Targets

- Target
  
  15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7
- Size
  
  708KB
- MD5
  
  d50ed520e13ae1bcc86e2c8be3fbbf1d
- SHA1
  
  52e38ade4e9bfedb7a4e9ab36a175c7e6f5f9b50
- SHA256
  
  15301c74c2c7bcf72152cda48b4f9a11060c31e6cf16324f88902a786c9c3da7
- SHA512
  
  80951bceabd01fd28c465fffab15435363ce436e510e2b00411a15a39219f4177d45e8b70fad6a0bb45366473a0722a2f3d40bd8cefb4d1722f5e8f87ad3b061
Score

10^/10

icedid 513366864 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

icedid513366864bankerloadertrojan