General

  • Target: core.zip
  • Size: 432KB
  • Sample: 220719-spw2psfgep
  • MD5: ff2569313545ae2c211399497d1a00e5
  • SHA1: 86ae276b7d7bf9af5fd27171f2a63b7709358209
  • SHA256: 78c3a3ed062f6cc9f38555b0ea3daf9917218382c94dc670af8116f1202179fb
  • SHA512: 095cc70fc325b7c6e9a87b15ba17c075cbe864f352ef28ac611c6d5a9a78cb40a13304e4a797111ca9aeea65a04406ea62d52dece373edebdea465bab9ec21bf

Malware Config

Extracted

  • Family: icedid
  • Botnet: 310022019
  • C2:
      uytricmpreprom.com
      plorinnoult.com
  • Attributes:
      auth_var: 9
      url_path: /news/

Targets

  • Target: cmd.bat
    Size: 190B
    MD5: c4f7420aa9eae8d3f95b567ff9d6a72e
    SHA1: 7934cb4a87a026e471f4ee5ef9621e9c52275152
    SHA256: b3704cff56bedc16291773ead3aebd0a7326582544d78bbf46432312fbeca0d1
    SHA512: d4051957f49fee7de50eb2920bd166d2520765e527f202f38a7141609d95ceb2777d5a208825d2211d809b5da9343e333b7d444ab5f4e58bc0b8455c22e80d01
    Score: 1/10

  • Target: pave-x32.dat
    Size: 97KB
    MD5: 45994cec4fbf22e491879194e420b327
    SHA1: 38086f1db08f8db9495b7a1faf215527ea98b14a
    SHA256: fd06d5f6622cd5fb5ae37ca3393e8595ba1c82fb55056b5277efa9b55c6bba6d
    SHA512: 291a88132bd05a9671d1bcc61e5450bb5a356a49200685a68d2ae8413f04770fbb3ebf722036420fd3217f9cdbc65efed83cf49e97c9cddb1803d3a2dd30812c
    Signature: IcedID, BokBot
      IcedID is a banking trojan capable of stealing credentials.
