Overview

overview

10

Static

static

cmd.bat

windows7_x64

1

cmd.bat

windows10-2004_x64

1

mesh-64.dll

windows7_x64

10

mesh-64.dll

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    core.zip

  • Size

    743KB

  • Sample

    220630-s17mkseag9

  • MD5

    afcd7129497ff87d6df6189215be030e

  • SHA1

    a4796a24f023b18db6408007f4caea5686c3b7bf

  • SHA256

    45449bf222593b8ba442e660e3a1b2ffaa58a92ae0c56627cfe9c4bcf7b93cdc

  • SHA512

    07137d85c66d2b92320ec1ea7a4a39c652edec25f883e49bc9c15428b566d085fb4dd1c0387154c71602995e24f05e82620b1b1de01a402af1030cb0653b3087

Score
10/10
icedid1501064257bankercore_loadertrojan

Malware Config

Extracted

Family

icedid

Botnet

1501064257

C2

starpetralina.com

brumedane.com
Attributes
  • auth_var

    25

  • url_path

    /news/

Targets

    • Target

      cmd.bat

    • Size

      189B

    • MD5

      6f15cd0263b458116b6698e266ab989c

    • SHA1

      83b44519c7a36583e69f2b65dc44738b3ee63145

    • SHA256

      9b584a85e3fa666d0e2d6e699f2c1380a788cae2183e417ddd7b58a3939b9112

    • SHA512

      892c34b984ac66748e54da0f0b9728c2a02c7bb6932e6fb385daed8f0b855198d3be91d6ade589827e43b2604b186fe7c39b5ffae6589d6cb2037595c3a56866

    Score
    1/10
    behavioral1behavioral2

    • Target

      mesh-64.dat

    • Size

      408KB

    • MD5

      bd1a6c52941f0bf45e352c38dca09921

    • SHA1

      21ca59616619a754be48d1bcaf8437f42b25d6b4

    • SHA256

      ed96d4317c1fe69326c8cb31373b8fc75e8bbe74326b781448bcdb9f2bd4f48f

    • SHA512

      7a09286ab9e02e0963bc27c829d5aa9169aa6942518ae4e4683a98d2b35c0368653a61cbb66709cdffe6ed5e0f13dee5c9a82ec0afbf46b33e0decadbef53ce2

    Score
    10/10
    icedid1501064257bankercore_loadertrojan

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

      trojanbankericedid
    behavioral3behavioral4

MITRE ATT&CK Matrix

Tasks