General

  • Target

    core.zip

  • Size

    380KB

  • Sample

    220711-trsmqsagbm

  • MD5

    f7cff6be8759bf8410cc91e3c0d4b5c9

  • SHA1

    65ec3b7bc3896b6bff30f131b2281b04736ec40c

  • SHA256

    998e98ab6b5c84f67152d4abe86a7791e12f9b75860c1845c19a57dba026a4bd

  • SHA512

    3512e42f1ecfac00290c9cee3fc0285ecec4e546a0a05097605b103e7ea30a07fb540ab21858ff9170444fe9ec92a48097dff6ccefe217acfbc2eec98febed1d

Malware Config

Extracted

Family

icedid

Botnet

1573268852

C2

peranistaer.top

gruvihabralo.nl

Attributes

  • auth_var

    2

  • url_path

    /news/

Targets

    • Target

      cmd.bat

    • Size

      192B

    • MD5

      107c44d263a8493262a29dfaab37a816

    • SHA1

      ac8ec75279dc3cec80d0db2feb63411043008167

    • SHA256

      fc524121e2ec4f1189519110aed7d7e2f24257e20d077b8cd99af9fd6eaa158a

    • SHA512

      5a3a106bf1ef636ef91204fe40341f5e3dd725298c5ce6d614e150c4a26b58726df3f573c3cc1ee91a4de5431115274c4c18047c5b384001f932d6cf75e7f4d7

    • Score

      1/10

    • Target

      fortune_64.dat

    • Size

      46KB

    • MD5

      e242d9d06b4ee30e5fad7a4e69484626

    • SHA1

      2071fc8911b08ebd97cd499f1986d02f5f29e49d

    • SHA256

      fdf5a43c0f1f5e23d3df16fef96f046ce51006b07b05df28a03ddb90c2488b7b

    • SHA512

      b910f6987b357cc8c9178e50c1bc8a0a67728508fdd33a5d6a8149e339737410dc864f99e267e6c15733b1d497cb52efbb1f9cbd5ad1e488b7af09f3d8c367da

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks