icedid | d70b55d24744b2e20425436d09e701d957670be57b722fef78a6c0b46ca473f8 | Triage

Sharing

General

Target

7524606162.zip
Size

357KB
Sample

220602-176mvsfgap
MD5

3e73d56a63eb7c83577a3c72917718a2
SHA1

e82871ff8f0ab32761d570c2ae381bff9c298aea
SHA256

d70b55d24744b2e20425436d09e701d957670be57b722fef78a6c0b46ca473f8
SHA512

dd7c58c5553fd92668f1a84ac2103305c9e40a992303e0c2f7751fe248ea4977806ba7cff25e1846ba7b6ee7cb1827bf9aaaf2ce9850c402740dbccdf88649ae

Score

10^/10

icedid 1129175425 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1129175425

C2

intonthsnstr.rest

estoptionicou.top

ypothesisabo.top

flipperzillo.quest

Attributes

auth_var
11
url_path
/news/

Targets

- Target
  
  97b56d3b80e09eeb2da05dcc47961c96ba902bf921da004325f3791ad84d5d5d
- Size
  
  685KB
- MD5
  
  ce7c0c8c725fe466b892d6e2ad0ea9d9
- SHA1
  
  12ab2a5c042adafb94a535799885a04a7e2968b9
- SHA256
  
  97b56d3b80e09eeb2da05dcc47961c96ba902bf921da004325f3791ad84d5d5d
- SHA512
  
  a949679200907eb9b90a245b1b4cbc7dfad65abf36763e65e57f55eb0de9f39bbd73eb45f38487fb418bdf1aa07e0e12a12a1ad0d4f7bab3a8fffc73181cdd5d
Score

10^/10

icedid 1129175425 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1129175425bankercore_loadertrojan

behavioral2

icedid1129175425bankercore_loadertrojan