icedid | afc02b6439b4ff5b81ea7e72825f28bab38c2bd1a0505c44468a2e99868792c3 | Triage

Sharing

General

Target

7501296135.zip
Size

460KB
Sample

220525-2xel3aegd5
MD5

2d071cb075b4bc31e1c979eecde6faeb
SHA1

9dac67ce03be6caa53f7149189a4f5eda2a0cdc4
SHA256

afc02b6439b4ff5b81ea7e72825f28bab38c2bd1a0505c44468a2e99868792c3
SHA512

97455d7317dec99108b4eba34e994a88eb84e9939f2bf2731f56a832a22b1248e9deba47dbb2c806ac867c2f4a416e7371b05449d86d19cf0be35ba1f0f23ee0

Score

10^/10

icedid 1129175425 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1129175425

C2

intonthsnstr.rest

estoptionicou.top

ypothesisabo.top

flipperzillo.quest

Attributes

auth_var
9
url_path
/news/

Targets

- Target
  
  00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f
- Size
  
  948KB
- MD5
  
  5bb2764db122ce725b6556e3aaad9504
- SHA1
  
  1254601f5eb7f42da1a129d08dd46c5e3b94d6b8
- SHA256
  
  00271fb58b517a5240bb661b9d1222b3ff26582666a6e7c57d132d15d6b47f8f
- SHA512
  
  715d567aff20b610c14d6ac5d9c319587371654da40f30f8c1982c1803f7b97efea19e407e6ed1d169e4e72f8ad41021ea068f1ceec630fed8a0e24d6388d6ae
Score

10^/10

icedid 1129175425 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1129175425bankercore_loadertrojan

behavioral2

icedid1129175425bankercore_loadertrojan