Overview

overview

10

Static

static

82e07bd3ec...00.dll

windows7_x64

10

82e07bd3ec...00.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    7531756127.zip

  • Size

    248KB

  • Sample

    220606-pkby7agah6

  • MD5

    08fd09e146684a0b1a41a2bef63703a5

  • SHA1

    9cc1790008cb55a4235a51e4d2236da7da4af009

  • SHA256

    31370fb95522ce04df9727adc3e3b1bd6c7b222fe9b0532b8273d065fe73fd38

  • SHA512

    b3b71b0f45d62f0fd966d3edc851b7aba75b141cf6654c0ac8ba43f4f60f56ec9b7a5d8f6fd9bf447fe3909f30f2b76c7bd989900788f63c7d2a79e90914856f

Score
10/10
icedid3681413287bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

3681413287

C2

vadgeatemoz.com

akernilon.com

westdudil.com

leatyeals.com
Attributes
  • auth_var

    3

  • url_path

    /news/

Targets

    • Target

      82e07bd3ecada519802984139c213db4332bbc49b61509a6b40b7142c28f4900

    • Size

      464KB

    • MD5

      6dff622395b320b2a1947480d697d3c0

    • SHA1

      b2d90b643749b06d6ae98e71205cab2e67bc1d56

    • SHA256

      82e07bd3ecada519802984139c213db4332bbc49b61509a6b40b7142c28f4900

    • SHA512

      59be37e0dfd5fef04763a51e449265a25176401a58b35b7b28016e99a6860437ed8985b0ffb14182eb8df2c61943a54a0bbab38466d67946ef652b5d107ded11

    Score
    10/10
    icedid3681413287bankercore_loadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral1behavioral2

MITRE ATT&CK Matrix

Tasks