icedid | 661d054dab542fbbe440f8de0818be28765838bb7daced21628323eae8d7d9ab | Triage

Sharing

General

Target

7495196127.zip
Size

467KB
Sample

220524-ycv7jaafhj
MD5

421801fb8fa0708a1b196eff35d89fa8
SHA1

9777571328e6286cc2240fb9c5a0bebeaf4a0e4d
SHA256

661d054dab542fbbe440f8de0818be28765838bb7daced21628323eae8d7d9ab
SHA512

02b725a4bec582d34db17b1ee29fc3be30a7f06054b54a71a7206b855f79a8fa8d143113b67b9652f52e8610c94a8916e52bd14486fc95974450be2a561f6832

Score

10^/10

icedid 2834479906 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2834479906

C2

guguchrome.com

hipnoguard.com

sawertinoit.site

attemptersnext.site

Attributes

auth_var
7
url_path
/news/

Targets

- Target
  
  327006b939627d1300906e10ec00cae6092d97929b104af552c2bd18882f7df3
- Size
  
  971KB
- MD5
  
  2354c4108ff8bcb2233e6dc1f072d74f
- SHA1
  
  5db7d74c3934c57cf7a9c34d9d3cd5bc79a4f4f1
- SHA256
  
  327006b939627d1300906e10ec00cae6092d97929b104af552c2bd18882f7df3
- SHA512
  
  6e4821416aaad79e3eb7dd1b349d84743671a7fac2af279af3b5cf54c28efa52aa811790cee390e25dbc37fa94f12a46acfd16a93280496fe67413f267204c42
Score

10^/10

icedid 2834479906 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2834479906bankercore_loadertrojan

behavioral2

icedid2834479906bankercore_loadertrojan