icedid | 82a0b4aa7b254843ccf6080514e526a59d4827e2b7ce5c865bf7a3895c8ece5f | Triage

Sharing

General

Target

7516506119.zip
Size

144KB
Sample

220524-ydhylaagbq
MD5

e542818e2264ad6024522be617ce3007
SHA1

114c020dc0e25b5a4016959252bc4a3d5795620c
SHA256

82a0b4aa7b254843ccf6080514e526a59d4827e2b7ce5c865bf7a3895c8ece5f
SHA512

f6192f9f2b7a427c48f1b99f145da2fab69495c78a237107bea9adf19ed06b3e34762bdc73f5c01ddac486e1a45110fe5ffbebdc9c09539f2aa6ab02242aed70

Score

10^/10

icedid 2352744503 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2352744503

C2

fruakij.com

piolsneeds.com

nilkomadik.com

qipanzero.com

Attributes

auth_var
13
url_path
/news/

Targets

- Target
  
  3c5eda37850f129df2bedc4d487c7bbeaa0f282121f53ffcc0cdf60d3a8945f8
- Size
  
  288KB
- MD5
  
  a23c161d5c4e12b3247dcbf19f6196ba
- SHA1
  
  4e353e3c92b22e7197d21f59d85cd31b7bf9aa75
- SHA256
  
  3c5eda37850f129df2bedc4d487c7bbeaa0f282121f53ffcc0cdf60d3a8945f8
- SHA512
  
  1deee8ce4a438d4fdce15031cbd565058c6cac31ffe48cbab1c86bc8eb8ef85b5794fdc2d10c344d506243904d1b6fbca9b8a8dc101237991eb2d6b603db6fa8
Score

10^/10

icedid 2352744503 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2352744503bankercore_loadertrojan

behavioral2

icedid2352744503bankercore_loadertrojan