icedid | cd24833fcecc8e9c317dd64a156dcd6f89a2e647d28a54ee7204b745b62a3307 | Triage

Sharing

General

Target

core.zip
Size

923KB
Sample

220614-bspclafgb5
MD5

39a1fd4d66143158bfb6a5512fab1363
SHA1

34d12a223ec4124c8ca449e7ee32f62247b288d6
SHA256

cd24833fcecc8e9c317dd64a156dcd6f89a2e647d28a54ee7204b745b62a3307
SHA512

e4233cd10d40e03e3ad4072efd6aa49e86fb4ff974905af2bbc082efa0ecf30225024d528f6154fdd1e376cf84f9c4f1a6f241c0c590eb39f2b10a5a1cad7a47

Score

10^/10

icedid 3036889562 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3036889562

C2

roovehiuxe.com

illocloud.com

Attributes

auth_var
17
url_path
/news/

Targets

- Target
  
  cmd.bat
- Size
  
  191B
- MD5
  
  2dc8d5eb7b8d99a4bb1c26bf41765532
- SHA1
  
  590bea9c45e8407787b2ad993fd2302f53b988ac
- SHA256
  
  c4c67209258f7423c29ffebbbbc5b10f4f634582d1959b5da7cf34891c3a7544
- SHA512
  
  78627b13a9610947d37eda417ebef81ea681c5412ca1ddddf8ac2c765df5198976464d456325264cd344dfdb49e4b065e68532e3483a9d06916cda2b0760ff40
Score

1^/10
behavioral1 behavioral2
- Target
  
  element64.tmp
- Size
  
  588KB
- MD5
  
  c46dcd2fb32f531c415aced97151cf3f
- SHA1
  
  060ee7c08df28fba363108f2991d7ac706906bee
- SHA256
  
  c17376ecc5c5b6a716aa6e7e9a375d54611ab840549ba9f0c462e07d61d44bd9
- SHA512
  
  1140643c43c0a4ca31ef629992b9e9914746b468a2142c5017febfae8111957a4bb4acf9e0d97a1de5ba12afe8f40546a8897e94f3199b0d1d87db0fc3349fc0
Score

10^/10

icedid 3036889562 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

behavioral3

icedid3036889562bankercore_loadertrojan

behavioral4

icedid3036889562bankercore_loadertrojan