icedid | 888c90a3c05a193df023b5b74321d8e03cfe0765869e5925a4d3a63367db6c3a | Triage

Sharing

General

Target

888c90a3c05a193df023b5b74321d8e03cfe0765869e5925a4d3a63367db6c3a
Size

151KB
Sample

220615-sc1jcscagl
MD5

926ddda5536d60c34e1e2c1e124a87de
SHA1

e49ba46b8ca3f24c603b7d9b9e8a0db78ad50f2b
SHA256

888c90a3c05a193df023b5b74321d8e03cfe0765869e5925a4d3a63367db6c3a
SHA512

73baf1686b633efcb19e37888bde4e8338d6a945d501248f84360df2a077aad1a55f68c34398367891da1043d829bd304636b9c5ab90584924b3edc167aeb5dc

Score

10^/10

icedid 987543880 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

987543880

C2

fimlubindu.top

vindurualeg.top

bigcostarikas.top

extrimefigim.top

Attributes

auth_var
7
url_path
/news/

Targets

- Target
  
  888c90a3c05a193df023b5b74321d8e03cfe0765869e5925a4d3a63367db6c3a
- Size
  
  151KB
- MD5
  
  926ddda5536d60c34e1e2c1e124a87de
- SHA1
  
  e49ba46b8ca3f24c603b7d9b9e8a0db78ad50f2b
- SHA256
  
  888c90a3c05a193df023b5b74321d8e03cfe0765869e5925a4d3a63367db6c3a
- SHA512
  
  73baf1686b633efcb19e37888bde4e8338d6a945d501248f84360df2a077aad1a55f68c34398367891da1043d829bd304636b9c5ab90584924b3edc167aeb5dc
Score

10^/10

icedid 987543880 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid987543880bankercore_loadertrojan

behavioral2

icedid987543880bankercore_loadertrojan