icedid | 383a03354a9433235e4a729af0da5dcf0b4244521bca51aa0808f29bf74b17fb | Triage

Sharing

General

Target

7526666120.zip
Size

144KB
Sample

220530-s1cgfaacb8
MD5

0f1adce53a34379532f8be49c02be3ba
SHA1

e07607d096276dd67eee3bab168c8bc45e881ffd
SHA256

383a03354a9433235e4a729af0da5dcf0b4244521bca51aa0808f29bf74b17fb
SHA512

f6f2763982c82c5f2971b729a24ea2c71b902be397fda9c55a8e0437e438993325c4514a3ef03f98f7b52ed37f216b51b61e3bd3f8ecf656726a49a716832d8b

Score

10^/10

icedid 3121611028 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3121611028

C2

implementalyhiol.rest

floppyfgreed.fun

headwayndred.rest

dasreropolo.quest

Attributes

auth_var
4
url_path
/news/

Targets

- Target
  
  b5164d3fd8ed798af2f03afe09d9421a710bba76a265b6da20141163f387a992
- Size
  
  276KB
- MD5
  
  45a528e8d51d6b14e7e74395ee5dd2ab
- SHA1
  
  b7daf2ff47703dfe4f1268fdc8a4fc51aab2bb47
- SHA256
  
  b5164d3fd8ed798af2f03afe09d9421a710bba76a265b6da20141163f387a992
- SHA512
  
  0c22e782161c92d4090138c4299d9f891cb168ffa363d3dad62f8cf468cc9a7450c0947f8ed6536eced46ff4737edc1f97ef9a4f17230209563060c5235d4f0c
Score

10^/10

icedid 3121611028 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3121611028bankercore_loadertrojan

behavioral2

icedid3121611028bankercore_loadertrojan