General

  • Target: core.zip
  • Size: 923KB
  • Sample: 220614-vga6dacab9
  • MD5: b1b6f507b23fc822fb8c6e420a625a75
  • SHA1: e6faaf7aa995725f5b345c31b313d2bdf2e883f9
  • SHA256: 98e311767e264b8e60998f557683399ad6a3bacffc3960f87fee74ad0e199071
  • SHA512: 2dd05fd5d3d2ca08472dadffce7e2cb481725520f7821410c39239585b747f93d284c0c19a197cbf308fd9dd4f6c0fec2e86d0a32ea355440a0ff09ba5b0b756

Malware Config

Extracted

  • Family: icedid
  • Botnet: 1501064257
  • C2:
      tekacuanm.com
      pleashurehott.com
  • Attributes:
      auth_var: 15
      url_path: /news/

Targets

    • Target: cmd.bat
    • Size: 192B
    • MD5: 2ba4cdb275178d03055e23e5a9065a1c
    • SHA1: 737372b47f45e4d5862e6ff2875a94b2c8b7ae12
    • SHA256: 0218a30d52297f6d8a36a833b8a67b51e290ea7cebd6c403cf8cd7fb9dec5250
    • SHA512: c4c083c98fb790e03679d41b42e021a4a595203fccbda52142d3564640b76b46fc4130034c0a8e7e0d9f6c8ee49bcdad96e786a9f26028fe242ec43aeb4f15fc
    • Score: 1/10

    • Target: exhibitx32.tmp
    • Size: 588KB
    • MD5: b14d9cbadad3592708f20c547514a999
    • SHA1: eb74758eb171acdc437a47c1fd1ef51e27a682b6
    • SHA256: 370392d86aebcce75420d73c759031159362a2c394aee873dba4b34c092a0c12
    • SHA512: 60923b92d818ce1bbd5e2036e2ae3f0d33928911146fe79775d16dbde6f4e49ce49a27e7303e02aa2a242fc16dd3863e57fe76b3248a6a2f52298e952056ff46

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
