General

  • Target: core.zip
  • Size: 969KB
  • Sample: 220621-tsnp6saah8
  • MD5: 1b41e2dc22d4bb959ee59e26cb46119d
  • SHA1: 56d1a64d33ce547ea97fc9d8ba2036424a147b4f
  • SHA256: 8d82b711e0bea0c323e3de973aa47fe3e0f9a4545697256af077355547f925c2
  • SHA512: 03fe24aafed8d37beae10104ae84f98c96268a74605cc7df0b943bbc9fa414ee2082657a311a78624b9720a0e77b34fcf9681225aac514b0ad2fd48174a19fdc

Malware Config

Extracted

  • Family: icedid
  • Botnet: 1501064257
  • C2:
    tekacuanm.com
    pleashurehott.com
  • Attributes:
    • auth_var: 17
    • url_path: /news/

Targets

  • Target: cmd.bat
    • Size: 193B
    • MD5: faf8dc2a8eb9c9bf1cef6c7c913d85d4
    • SHA1: c73af425a16eedf676f41f84fb0641352321308f
    • SHA256: d6e9afaa5139e91b9e9c3775ea4925c28adb41a9b88a51d7d748bb5c39275a04
    • SHA512: fceaa9be6a330621d38c5e99dcd8d4a716e82da5d62175a09fccc878b716eaff34be6b07aaad36c84e637394d062b7e1e6a64f3445b742242b68196d4abeb3be
    • Score: 1/10

  • Target: festival-64.tmp
    • Size: 634KB
    • MD5: 47fc9bc87df58084bdd25d62747c88d5
    • SHA1: faf37c322a2dc6ebe46f93b96dc28b422e5a5633
    • SHA256: d7ce8f0b46b4f3d81ab96b3b82936ffa86ce7ce24ac70d881081372107092399
    • SHA512: 00c7463c7f6d872bf3f64378e91eea32c572ee419bb8296d234bf218f8cf18b528307c1996470cc92b9a8e6dd899f2e9841c785d6bebdf3128631d6a40f2aae6
    • IcedID, BokBot
      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks