icedid | e04b950907edb3689ce7656eb199680f48c19ed029b72790be07b585e5cd4f10 | Triage

Sharing

General

Target

7493706214.zip
Size

298KB
Sample

220602-1w26asbhc7
MD5

dc79fa717df8d96e2e4f483cbe95fb43
SHA1

181e7bfe523307ff7468b2991f3eac4fe11c062c
SHA256

e04b950907edb3689ce7656eb199680f48c19ed029b72790be07b585e5cd4f10
SHA512

7776e6d639d22731750c0ada111f6f15d41cd4e24895421dca9f8b83ba4db5581e62cdbcea9d72a64aed743ea73b90ed930b96ae1365212abcd00bd20e806cc6

Score

10^/10

icedid 1129175425 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1129175425

C2

intonthsnstr.rest

estoptionicou.top

ypothesisabo.top

flipperzillo.quest

Attributes

auth_var
12
url_path
/news/

Targets

- Target
  
  5ce554f6152890ef43fe424a349dbbcf5c4f2fe53e070d2a5d40b9d21f3b7b5e
- Size
  
  575KB
- MD5
  
  381b8a76803ebf4f1d1180b07d440c54
- SHA1
  
  b859aab34840f149693df74778ec7a703c9a106d
- SHA256
  
  5ce554f6152890ef43fe424a349dbbcf5c4f2fe53e070d2a5d40b9d21f3b7b5e
- SHA512
  
  66eab9be5c0b1264038d8ab04c12b7cdb3cf105ded5d30de621ae6916f6ea0dce5beeea827f1d70da2094702c4ef5c41e6c2cb70fb233aeb4b8d9112e86048d3
Score

10^/10

icedid 1129175425 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1129175425bankercore_loadertrojan

behavioral2

icedid1129175425bankercore_loadertrojan