icedid | 31370fb95522ce04df9727adc3e3b1bd6c7b222fe9b0532b8273d065fe73fd38 | Triage

Sharing

General

Target

7531756127.zip
Size

248KB
Sample

220606-pkby7agah6
MD5

08fd09e146684a0b1a41a2bef63703a5
SHA1

9cc1790008cb55a4235a51e4d2236da7da4af009
SHA256

31370fb95522ce04df9727adc3e3b1bd6c7b222fe9b0532b8273d065fe73fd38
SHA512

b3b71b0f45d62f0fd966d3edc851b7aba75b141cf6654c0ac8ba43f4f60f56ec9b7a5d8f6fd9bf447fe3909f30f2b76c7bd989900788f63c7d2a79e90914856f

Score

10^/10

icedid 3681413287 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3681413287

C2

vadgeatemoz.com

akernilon.com

westdudil.com

leatyeals.com

Attributes

auth_var
3
url_path
/news/

Targets

- Target
  
  82e07bd3ecada519802984139c213db4332bbc49b61509a6b40b7142c28f4900
- Size
  
  464KB
- MD5
  
  6dff622395b320b2a1947480d697d3c0
- SHA1
  
  b2d90b643749b06d6ae98e71205cab2e67bc1d56
- SHA256
  
  82e07bd3ecada519802984139c213db4332bbc49b61509a6b40b7142c28f4900
- SHA512
  
  59be37e0dfd5fef04763a51e449265a25176401a58b35b7b28016e99a6860437ed8985b0ffb14182eb8df2c61943a54a0bbab38466d67946ef652b5d107ded11
Score

10^/10

icedid 3681413287 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3681413287bankercore_loadertrojan

behavioral2

icedid3681413287bankercore_loadertrojan