icedid | 017b5107dd94bb2c988c4ac235239082cd14742c172cddb09ffaac7777b40221 | Triage

Sharing

General

Target

7469536173.zip
Size

144KB
Sample

220531-25p3rsggfp
MD5

a71720e7bd8bad123b1f533e9400d65a
SHA1

a4e650db34a8941ef7b9bc9a593e8118b504a1f7
SHA256

017b5107dd94bb2c988c4ac235239082cd14742c172cddb09ffaac7777b40221
SHA512

c77cb172f1b75794b4d6b801d395468a06d704d571237d5ef2050e026e3ee89e64b4dbdb716b43417ff879ccb84e23d58380c179ebc9d6870247d0eb449ccdca

Score

10^/10

icedid 2352744503 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2352744503

C2

fruakij.com

piolsneeds.com

nilkomadik.com

qipanzero.com

Attributes

auth_var
13
url_path
/news/

Targets

- Target
  
  8d75a5dd8eef207895f19fad5bb1f5342a703f79f0098f2d8ef39583b0b56d24
- Size
  
  288KB
- MD5
  
  283e20e5341692830a8ad8f2602e9c75
- SHA1
  
  b1aba7f421a8dcfe42d8f39034cc1bc4ae8dd18f
- SHA256
  
  8d75a5dd8eef207895f19fad5bb1f5342a703f79f0098f2d8ef39583b0b56d24
- SHA512
  
  a3d3e2062385fb9e48bccb0701d13356ca61af423bfba9d7eace2c35cd53759a8965cddde56aa51074170630e810cfb3937797dd62ab7f242d7d1551feac147f
Score

10^/10

icedid 2352744503 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2352744503bankercore_loadertrojan

behavioral2

icedid2352744503bankercore_loadertrojan