General

  • Target

    core.zip

  • Size

    1.1MB

  • Sample

    220706-xet7ksfhhr

  • MD5

    403b9c0da8329c33235029ec01fe7109

  • SHA1

    3be3dc09f1c71b999e0d71528fa4408e8b44e28e

  • SHA256

    2c60009d6c5e0233e44e5ce2628adbef69a25d3bfaec4369831fb04680281c69

  • SHA512

    63748970a5977189fdc55fcb33d0e3ef495437d4c0c3bd07364f795aaf5681353849e6658b1ea3f51ddec7953c7d8b13f27725d657a03a9f953789a41d2767e6

Malware Config

Extracted

Family

icedid

Botnet

2262657793

C2

khondiroda.com

vondenay.com

Attributes

  • auth_var

    7

  • url_path

    /news/
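The extracted config above is directly usable as network IOCs: the two C2 domains and the url_path the bot requests. The following is an added example (not part of the sandbox report) that sweeps proxy-style log lines for those values. The log lines are constructed for illustration; the domain/subdomain matching is deliberately strict so that a lookalike such as notvondenay.com does not match, and a hit on a C2 host with a different path is still reported, since the path alone is far too generic (/news/) to alert on.

```python
"""Match proxy/HTTP log lines against the IcedID config extracted above.

Added example, not part of the sandbox report. The log lines are constructed;
the C2 domains and url_path are the values from the extracted config.
"""
import re
from urllib.parse import urlsplit

# Values from the extracted config ("Malware Config" above).
C2_DOMAINS = {"khondiroda.com", "vondenay.com"}
URL_PATH = "/news/"

# Constructed sample lines: "timestamp src_ip method url".
SAMPLE_LOG = """\
2022-07-06T10:01:12Z 10.0.0.12 GET http://khondiroda.com/news/
2022-07-06T10:01:15Z 10.0.0.12 GET http://cdn.vondenay.com/news/?id=1
2022-07-06T10:02:30Z 10.0.0.17 GET https://example.com/news/today
2022-07-06T10:03:01Z 10.0.0.12 POST http://khondiroda.com/upload
2022-07-06T10:04:44Z 10.0.0.20 GET http://notvondenay.com/news/
"""

LINE_RE = re.compile(r"^(\S+) (\S+) (\S+) (\S+)$")


def host_matches(host, c2_domains=C2_DOMAINS):
    """True if host is a C2 domain or a subdomain of one.

    Label-aware: 'notvondenay.com' must NOT match 'vondenay.com'.
    """
    host = host.lower().rstrip(".")
    return any(host == d or host.endswith("." + d) for d in c2_domains)


def classify(url, c2_domains=C2_DOMAINS, url_path=URL_PATH):
    """Return 'c2', 'c2_domain' or None for a request URL.

    'c2'        - host is a configured C2 and the path matches url_path
    'c2_domain' - host is a configured C2 but the path differs (still alert)
    None        - no match; the path alone (/news/) is never a hit
    """
    parts = urlsplit(url)
    if not host_matches(parts.hostname or "", c2_domains):
        return None
    return "c2" if parts.path.startswith(url_path) else "c2_domain"


def scan_log(text, c2_domains=C2_DOMAINS, url_path=URL_PATH):
    """Return [(src_ip, url, verdict)] for every line that hits the IOCs."""
    hits = []
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip malformed lines rather than abort the sweep
        _ts, src_ip, _method, url = m.groups()
        verdict = classify(url, c2_domains, url_path)
        if verdict:
            hits.append((src_ip, url, verdict))
    return hits


if __name__ == "__main__":
    for src_ip, url, verdict in scan_log(SAMPLE_LOG):
        print(f"{verdict:10} {src_ip:12} {url}")
```

Running it on the constructed lines reports the two /news/ requests to the C2 hosts as "c2", the POST to khondiroda.com/upload as "c2_domain", and nothing for example.com or the lookalike domain.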

Targets

    • Target

      cmd.bat

    • Size

      192B

    • MD5

      5c4ac14c4bff0c175c0fa0bd2c970c28

    • SHA1

      cd06e3d11b644cdc5a0e04c8869cd1f67eb6e580

    • SHA256

      763abf8fad183dec3479d59a48638d1097ac6c35484d50a5e83fe24324ced91c

    • SHA512

      484fe7f5bd236328e23257faf10951458eb1c8904bdd48e02b893a3d69ff1ab5080fd157473310ae2b63413fc44d9f42946750632fa63fd65337d524fe5106aa

    • Score

      1/10
    • Target

      hybrid-x64.dat

    • Size

      800KB

    • MD5

      a2c9bed59334b2fbf3aa58cef5b3dcaf

    • SHA1

      24ccce9201b089359d957d3be847f63686a57630

    • SHA256

      515f0f198c34e0c54ac921e442e3cae3c27865ae1c225d1e58355dc494299dbc

    • SHA512

      a9fa9583d95fa1d062e472017842abaf2a92599041519b86f7ccacee41169cc767c982bc4f3c4b070fadb4efc3c4f98baeffa68bea3eb5f87812bfd870a6f2ad

    • IcedID, BokBot

      IcedID (also known as BokBot) is a modular banking trojan capable of stealing credentials; it is also widely used as an initial-access loader for follow-on payloads.
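The hashes listed for core.zip's members are the quickest way to confirm whether a suspect archive seen elsewhere is this same dropper. The following is an added example (not part of the sandbox report) that hashes every member of an archive in memory, without extracting to disk, and compares the SHA256 of each against the report's hash table by content rather than by filename. The archive it builds is constructed inline with dummy contents, so its members intentionally do not match the real hashes; a size cap guards against inflating an oversized member.

```python
"""Hash the members of a dropped archive in memory and check them against the
hashes listed in the report above.

Added example, not part of the sandbox report. The archive built below is a
constructed stand-in for core.zip with dummy member contents; KNOWN_HASHES is
the table from the "Targets" section.
"""
import hashlib
import io
import zipfile

# MD5 / SHA1 / SHA256 of the archive members from the "Targets" section above.
KNOWN_HASHES = {
    "cmd.bat": {
        "md5": "5c4ac14c4bff0c175c0fa0bd2c970c28",
        "sha1": "cd06e3d11b644cdc5a0e04c8869cd1f67eb6e580",
        "sha256": "763abf8fad183dec3479d59a48638d1097ac6c35484d50a5e83fe24324ced91c",
    },
    "hybrid-x64.dat": {
        "md5": "a2c9bed59334b2fbf3aa58cef5b3dcaf",
        "sha1": "24ccce9201b089359d957d3be847f63686a57630",
        "sha256": "515f0f198c34e0c54ac921e442e3cae3c27865ae1c225d1e58355dc494299dbc",
    },
}

MAX_MEMBER_SIZE = 50 * 1024 * 1024  # refuse to inflate anything larger (zip-bomb guard)


def hash_bytes(data):
    """Return md5/sha1/sha256 hex digests of data."""
    digests = {name: hashlib.new(name) for name in ("md5", "sha1", "sha256")}
    for d in digests.values():
        d.update(data)
    return {name: d.hexdigest() for name, d in digests.items()}


def hash_zip_members(zip_bytes, max_size=MAX_MEMBER_SIZE):
    """Hash every regular file in the archive without writing it to disk.

    Returns {member_name: {"size": n, "md5": .., "sha1": .., "sha256": ..}}.
    Members larger than max_size are recorded as skipped instead of hashed.
    """
    results = {}
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        for info in zf.infolist():
            if info.is_dir():
                continue
            if info.file_size > max_size:
                results[info.filename] = {"size": info.file_size, "skipped": True}
                continue
            with zf.open(info) as fh:
                data = fh.read(max_size + 1)  # never trust the declared size alone
            if len(data) > max_size:
                results[info.filename] = {"size": len(data), "skipped": True}
                continue
            entry = {"size": len(data)}
            entry.update(hash_bytes(data))
            results[info.filename] = entry
    return results


def match_known(member_hashes, known=KNOWN_HASHES):
    """Return {member_name: known_name} for members whose SHA256 is in the table.

    Matching is by content, so a renamed member is still recognised.
    """
    by_sha256 = {v["sha256"]: name for name, v in known.items()}
    return {
        member: by_sha256[h["sha256"]]
        for member, h in member_hashes.items()
        if "sha256" in h and h["sha256"] in by_sha256
    }


def build_sample_zip():
    """Constructed stand-in for core.zip; contents are placeholders, not the real files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        zf.writestr("cmd.bat", "@echo off\r\nrem placeholder\r\n")
        zf.writestr("hybrid-x64.dat", b"\x00" * 1024)
    return buf.getvalue()


if __name__ == "__main__":
    members = hash_zip_members(build_sample_zip())
    for name, h in members.items():
        print(name, h.get("sha256", "skipped"), h["size"])
    print("matches:", match_known(members) or "none")
```

On a real copy of core.zip the two members would match the report's table; on the constructed archive match_known returns nothing, which is the expected negative result.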
