icedid | 21285f6d8702236a5d8fad688ab0385e06fe0fe26493e19cbfab489340b897b1 | Triage

Sharing

General

Target

baxubn.dll
Size

47KB
Sample

220715-3hbgjafbg2
MD5

21b4c08fff43f1c811e092538f38696f
SHA1

148b27be4d4fc25c112bd49749c74d66e2efad67
SHA256

21285f6d8702236a5d8fad688ab0385e06fe0fe26493e19cbfab489340b897b1
SHA512

9c37377e1ce8ce8a40e3ec67c8fa4bbe9322680548c7e3df5a90399851663145aee995e3786f39fbe8fe3ebbdb9ad734bfa9bc1e14c05b74fda65bcde3494ac8

Score

10^/10

icedid 1573268852 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1573268852

C2

peranistaer.top

gruvihabralo.nl

Attributes

auth_var
5
url_path
/news/

Targets

- Target
  
  baxubn.dll
- Size
  
  47KB
- MD5
  
  21b4c08fff43f1c811e092538f38696f
- SHA1
  
  148b27be4d4fc25c112bd49749c74d66e2efad67
- SHA256
  
  21285f6d8702236a5d8fad688ab0385e06fe0fe26493e19cbfab489340b897b1
- SHA512
  
  9c37377e1ce8ce8a40e3ec67c8fa4bbe9322680548c7e3df5a90399851663145aee995e3786f39fbe8fe3ebbdb9ad734bfa9bc1e14c05b74fda65bcde3494ac8
Score

10^/10

icedid 1573268852 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1573268852bankercore_loadertrojan

behavioral2

icedid1573268852bankercore_loadertrojan