General

  • Target: core.zip
  • Size: 381KB
  • Sample: 220715-s5p84acgfm
  • MD5: 8a6e7477d80e57db13fe29eb10a8c87e
  • SHA1: 572bb7e1a87f671a2a19a4a90f46b2e924e27212
  • SHA256: a00e50939f9bcf650f070875ba5b8ae5c34b04516a45e1e112566b316753d332
  • SHA512: 5d530f6955cd25dd879e69d69793f94682a1778975a020f2f0b92f2107f44a9aecd797acfcbbbca9061097f516d64d2af5beb95c065508e77af3fa535ccee1a5

Malware Config

Extracted

  • Family: icedid
  • Botnet: 1573268852
  • C2:
      peranistaer.top
      gruvihabralo.nl
  • Attributes:
      • auth_var: 5
      • url_path: /news/

Targets

    • Target: cmd.bat
    • Size: 192B
    • MD5: 966d235cf7f9966972c8c9325216bdc9
    • SHA1: b50704c9a0ef70637a9c0ab8144595a010e445a9
    • SHA256: b8025c914752b5ed8db55b595521ba7c15d93d3c6fcd9e3476b17b228c075d8c
    • SHA512: 8f8be6bcdf23dd56915d4fedcea633f5d58d05c7633cd2620edfbceb605c29e92e0219c0d5089ed93823e35998137bebdc9c84bce304f153ac46b7feff1fee35
    • Score: 1/10

    • Target: receive-64.dat
    • Size: 47KB
    • MD5: e4a9a8d3499a4c992d792eb16493694a
    • SHA1: 8478b093e11c07ce5e5a7185c974e63cc11bc36e
    • SHA256: e10ec99e7b1d1d51563656ad11b8eaaed28fd8ace4edeac14b4dd9ad48257ecb
    • SHA512: 13917817f15d10bc73178f3a14b143b1660c98d476d700c94a297752d71b84859be4b0df9d953db150fb90668953f9d828dcdaaf49573b5891a972643c681a57

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks