General

  • Target: core.zip
  • Size: 674KB
  • Sample: 220628-ttxpgaagbk
  • MD5: 94fc6247b2baa8a86ffc930f31f3e6ca
  • SHA1: 491d45b2359763eba21d45a003f7e16c4bf8e15e
  • SHA256: ae61277489a511da3c0ec4e8aae94c6b1205197b5bc3999cab880294ca0a3948
  • SHA512: ee5b9c9b4468c992c1b64b87d3c9a7da15e4d05bdf01831b584b27bca7ca25f0c8ffa0903a6ea55ac3de07b08cb55e06ae1d12c573711eede8d95151d437655d

Malware Config

Extracted

  • Family: icedid
  • Botnet: 1057461280
  • C2:
      allesborn.com
      blaskmirror.com
  • Attributes:
      • auth_var: 4
      • url_path: /news/

Targets

    • Target: cmd.bat
    • Size: 190B
    • MD5: b112c1a5e2d658d89f7a767cd85322c5
    • SHA1: 718ce431e17d4afbe33a688c22bfd56a870ed005
    • SHA256: 461ef00d1700cf93f9dbac33be410a65c0b293ee732a571cf5652decb6816adb
    • SHA512: 995e4bd9d6cd9cce7e9a66fc32e820c178e74d43de8f4050c9dd4cfd864113f8e62058b067ccf3ede0ed6f2082b2648a41a139c403675d56dc49732797452de3
    • Score: 1/10

    • Target: dwarfx64.tmp
    • Size: 340KB
    • MD5: d887c4ae1ff288342c822414ed196d95
    • SHA1: fbba2fddfdca4763f7588646941908fb86322337
    • SHA256: 17f0eb28cbc5881ac2b0c98db70afc5df189e3dc3bbb06a81cf387ed11d325ef
    • SHA512: b5bcb0b05b4c2f71887b7e576607bd2e20ba4a9287751c05efff5e9c8ffa92765a6d8e7f726436ab983ccb9a3dbba5fb95b0f7322e7746c7eda63232d5778fc8
    • Signature: IcedID, BokBot (IcedID is a banking trojan capable of stealing credentials.)

MITRE ATT&CK Matrix

Tasks