icedid | 572b8c81b97eca4da1edb955191e344287b633aea4ac456e3c8930792322a77e | Triage

Sharing

General

Target

7600486131.zip
Size

56KB
Sample

220619-wgj9qaaac7
MD5

568e9b2eb1ce6ddddf3037a2cfbbbae1
SHA1

17d915ed4431309c0af9b6acddb4ff33bb4ad18f
SHA256

572b8c81b97eca4da1edb955191e344287b633aea4ac456e3c8930792322a77e
SHA512

ca90513a4115a526707ea0ee6d60647e7051302a27f284d05293cf09d3a17f5d43c0fa582e9019fb569b8db5ae141a2e131d832d2d870b16c6aa970986fdcd0d

Score

10^/10

icedid 2354879232 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2354879232

C2

gadverjo.com

hevciak.com

Attributes

auth_var
11
url_path
/news/

Targets

- Target
  
  f05e6a88a5ef16267a2794222838ce43b2854e90c920a0d8982642c973d106ae
- Size
  
  112KB
- MD5
  
  37d7d5755f2af011bc047182710e450c
- SHA1
  
  fc86525cbd32fc06425652c7d12317c00a0190d2
- SHA256
  
  f05e6a88a5ef16267a2794222838ce43b2854e90c920a0d8982642c973d106ae
- SHA512
  
  06ba8627fcb096363eb63603e913a86ae9ff419f77c8deef9aa1d313100b3a44f738add3155a7250b4efd9b5952ae4d995768ad549432173234357190274dc89
Score

10^/10

icedid 2354879232 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2354879232bankercore_loadertrojan

behavioral2

icedid2354879232bankercore_loadertrojan