icedid | aee392fa31d863df3c98ffe7d31ba81ec42a1a7f7525b815bad29f46f9a0a1da | Triage

Sharing

General

Target

aee392fa31d863df3c98ffe7d31ba81ec42a1a7f7525b815bad29f46f9a0a1da
Size

304KB
Sample

220625-jdxdnadeg3
MD5

c84bf3b108f4008b5657ad663226ad98
SHA1

bd8574ee3501ab0526bde421a816c3d7f008e909
SHA256

aee392fa31d863df3c98ffe7d31ba81ec42a1a7f7525b815bad29f46f9a0a1da
SHA512

64198064f979123a36dbe6f92b4b1ed00b2ee116ab0e45f921344bbf4cd51c90dbf1fc596d68ad0fc069f0fbc55e5bfea10b7427d6eaac4aa3ef935f1862c467

Score

10^/10

icedid 548174735 banker loader trojan

Malware Config

Extracted

Family

icedid

Botnet

548174735

C2

magnwnce.com

corposted.com

presifered.com

coujtried.com

molinaro.top

amongolia.com

jjanuatu.com

Attributes

auth_var
3
url_path
/index.php

Targets

- Target
  
  aee392fa31d863df3c98ffe7d31ba81ec42a1a7f7525b815bad29f46f9a0a1da
- Size
  
  304KB
- MD5
  
  c84bf3b108f4008b5657ad663226ad98
- SHA1
  
  bd8574ee3501ab0526bde421a816c3d7f008e909
- SHA256
  
  aee392fa31d863df3c98ffe7d31ba81ec42a1a7f7525b815bad29f46f9a0a1da
- SHA512
  
  64198064f979123a36dbe6f92b4b1ed00b2ee116ab0e45f921344bbf4cd51c90dbf1fc596d68ad0fc069f0fbc55e5bfea10b7427d6eaac4aa3ef935f1862c467
Score

10^/10

icedid 548174735 banker loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- IcedID Second Stage Loader
  loader
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid548174735bankerloadertrojan

behavioral2

icedid548174735bankerloadertrojan