General

  • Target

    core.zip

  • Size

    675KB

  • Sample

    220627-e45eqshabl

  • MD5

    c3c3c15528aae78efe8144b7bf7de812

  • SHA1

    d4841c75d4196a6717438d1ab91035ef57c51f9d

  • SHA256

    4e3ddf9f7e1e165f80b9bbc707e05a5c4ecc6e62eb564a08f58d77b123729953

  • SHA512

    7b930de882a6c16004e4f77b6f605277f78be2957cf14227fa6189604b86252d8a7e87d4ac1363514190f6cd5f34bb5bb5b659b4fba511bb5c5a5c730c4a17e9

Malware Config

Extracted

Family

icedid

Botnet

1501064257

C2

tekacuanm.com

pleashurehott.com

quuenkrauz.com

Attributes

  • auth_var

    20

  • url_path

    /news/

Targets

    • Target

      cmd.bat

    • Size

      188B

    • MD5

      e327a2a86e93b203e7438b152593bfaa

    • SHA1

      08a547e8537daee3aa01488a71552f7b1e950593

    • SHA256

      a5e8e054e82e9e3aa3a7fc2b74c6682575e9effcaba6ea81e2f6536701bc178f

    • SHA512

      07abaf37bbee838cb21f96c76e093fae43da302ab42415bef2888dbd05ac0932084ce94a070e30ede22becc274c7a76c4c904bb3a65d8427ba805b8c980769d5

    • Score

      1/10

    • Target

      panda_.tmp

    • Size

      340KB

    • MD5

      75da77e24a0b0bfb163d4e159675364b

    • SHA1

      7885528422f416f9693ee1ae48f2ea48b6e67f4f

    • SHA256

      5e750229e3a5d82e732e358cf9d4732a80033d72f11e42364a75ed7bc9ad6648

    • SHA512

      4fe9090d01c04ed2383c911cca5a40679fae3b8d7f4788bf68c20c25fe688c8dfce35b167f33add1e273a4586ea6787a1d86fa3b8bd1e1797d9e619f2611a043

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks