icedid | 69e7955311ecfb35e8b0a299c387b88ac33e644dc2fa80cc8288fdca2f45f30e | Triage

Sharing

General

Target

7505126126.zip
Size

297KB
Sample

220531-q1qb7afaem
MD5

c6da2855f6a42c272c0f00c2ab1e9798
SHA1

0b13769bc6ee7a1dbcc8deb4e838b0b948ec437d
SHA256

69e7955311ecfb35e8b0a299c387b88ac33e644dc2fa80cc8288fdca2f45f30e
SHA512

54fd414530468275d9a3df0fb2875fc1936d1d1e682f93b7e0a4b755b8182803fa54c2b0669f7919abad7e2b018dde2c814272279a494f7454f4e0a372a37974

Score

10^/10

icedid 452507187 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

452507187

C2

ribedexperi.top

sobaprivba.rest

anuonuribids.store

teensviolet.com

Attributes

auth_var
19
url_path
/news/

Targets

- Target
  
  06ba76dbd426392585c4cf727dad04d6bfa4d0a06a568d14ad92769218422855
- Size
  
  574KB
- MD5
  
  54e4c3c806027d32500a722a57190427
- SHA1
  
  9fcd983f5b2395b792062347e99a5d02295b1350
- SHA256
  
  06ba76dbd426392585c4cf727dad04d6bfa4d0a06a568d14ad92769218422855
- SHA512
  
  7a167bb7eba8684b08e008861fe22d8e5c8e7aa1e4d538c9bce79d882ab193a640f08abbe7d1d7a8fbed977174692b1c4afc106cd80d2bd5d2c85480f81b3b9c
Score

10^/10

icedid 452507187 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid452507187bankercore_loadertrojan

behavioral2

icedid452507187bankercore_loadertrojan