icedid | bbebe2156314adb442b9610c8e652f9b87a090c66242ccc380b1b60ee1c16eba | Triage

Sharing

General

Target

7509656120.zip
Size

297KB
Sample

220530-s1wkbaacd9
MD5

92f6ac8352df9f3e60d4cf0e5ad72432
SHA1

8530728695262daef8d34da67c4b6919b597403b
SHA256

bbebe2156314adb442b9610c8e652f9b87a090c66242ccc380b1b60ee1c16eba
SHA512

e2d84167f4d074fbb00374b66b2e7c018d64d81e2bfa26932f198964bbc11a41a778a7c4690b477f2265692f67eff2226e808b8146b8e38211cdda9d6e9c6dd7

Score

10^/10

icedid 452507187 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

452507187

C2

ribedexperi.top

sobaprivba.rest

anuonuribids.store

teensviolet.com

Attributes

auth_var
19
url_path
/news/

Targets

- Target
  
  b1f0edb77c4d758ac264faa3dd4ea22b75592e531d7952d13c68c018d26b0fe9
- Size
  
  574KB
- MD5
  
  c3edcc2b6eeb27aa2249d73735885080
- SHA1
  
  697be28c37d08438c7ee28b0dabeb5a3bdbd17bb
- SHA256
  
  b1f0edb77c4d758ac264faa3dd4ea22b75592e531d7952d13c68c018d26b0fe9
- SHA512
  
  ef016607e87ab5c50a8c33c249622da25387617bbf9ded845f428e6c9164153e324772db86319c0fe3cac25aade5760577ea02378b7672c11e37195771956606
Score

10^/10

icedid 452507187 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid452507187bankercore_loadertrojan

behavioral2

icedid452507187bankercore_loadertrojan