General

  • Target

    core.zip

  • Size

    646KB

  • Sample

    220725-sh1fjsbec3

  • MD5

    82675805881b4b393205f7c47db6e33c

  • SHA1

    bef28ff1c8a348a5db535612fc30ce910a204faa

  • SHA256

    ba035e7c463c8d7bb7b1c48e2822996c3982423291025e10fcbbc07f36b12e7a

  • SHA512

    c545f5ebb94eedd19d611c74cfda8b6aaa9056391619b9d3ef4b8d970c04a04be6d4325f92e036c46512e2b4f4e80b37fcfa3be4361f51f497c4853a3cdfc357

Malware Config

Extracted

Family

icedid

Botnet

310022019

C2

uytricmpreprom.com

plorinnoult.com

Attributes

  • auth_var

    13

  • url_path

    /news/
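
The extracted config above (two C2 hosts, the url_path and the botnet id) is enough to start network hunting. The Python below is an added example, not part of the sandbox report or of the IcedID sample: it turns those values into indicators, scans constructed DNS and proxy log lines for them, and emits Suricata rules. It assumes that a beacon is an HTTP(S) request to one of the C2 hosts with a path under /news/ (the report gives the path, not the full request shape); the log lines and the SIDs are made up, and the `endswith`/`startswith` keywords need Suricata 5 or later.

```python
"""Derive network indicators from the IcedID config extracted in the report
above and run them over constructed log lines.

Added example, not part of the sandbox report. Assumptions: a beacon is an
HTTP(S) request to a configured C2 host whose path starts with url_path; the
log formats and rule SIDs below are made up for illustration.
"""
import re
from dataclasses import dataclass

# Values copied from the report's "Malware Config" section.
ICEDID_CONFIG = {
    "family": "icedid",
    "botnet": "310022019",
    "c2": ["uytricmpreprom.com", "plorinnoult.com"],
    "url_path": "/news/",
    "auth_var": 13,
}


@dataclass(frozen=True)
class Hit:
    line_no: int    # 1-based index into the scanned log
    indicator: str  # "c2_domain" (DNS/host match) or "c2_url" (host + url_path)
    value: str


# A host followed by an optional URI. The TLD must be alphabetic so that bare
# IPs, timestamps and "HTTP/1.1" are not picked up as hosts.
_HOST_RE = re.compile(r"(?:https?://)?([a-z0-9.-]+\.[a-z]{2,})(/[^\s\"]*)?", re.I)


def c2_hosts(cfg):
    """Lower-cased set of C2 hosts from an extracted config."""
    return {h.lower() for h in cfg["c2"]}


def is_c2_host(host, hosts):
    """Exact host or a subdomain of it; a look-alike such as
    'notuytricmpreprom.com' must not match."""
    return host in hosts or any(host.endswith("." + h) for h in hosts)


def scan_line(line, cfg):
    """Return (indicator, value) pairs for every C2 reference in one log line."""
    hosts, path, found = c2_hosts(cfg), cfg["url_path"], []
    for m in _HOST_RE.finditer(line):
        host, uri = m.group(1).lower(), m.group(2) or ""
        if not is_c2_host(host, hosts):
            continue
        kind = "c2_url" if uri.startswith(path) else "c2_domain"
        found.append((kind, host + uri if kind == "c2_url" else host))
    return found


def scan_logs(lines, cfg=ICEDID_CONFIG):
    """Scan DNS and proxy log lines; returns Hit records in log order."""
    return [Hit(i, kind, val)
            for i, line in enumerate(lines, start=1)
            for kind, val in scan_line(line, cfg)]


def to_suricata(cfg=ICEDID_CONFIG, base_sid=1000001):
    """One DNS and one HTTP rule per C2 host (Suricata 5+ keywords).
    SIDs are placeholders in the local range; renumber for your ruleset."""
    rules, sid = [], base_sid
    for host in cfg["c2"]:
        msg = f'IcedID botnet {cfg["botnet"]} C2 {host}'
        rules.append(
            f'alert dns any any -> any any (msg:"{msg} DNS query"; '
            f'dns.query; content:"{host}"; nocase; endswith; sid:{sid}; rev:1;)')
        sid += 1
        rules.append(
            f'alert http any any -> any any (msg:"{msg} beacon"; '
            f'http.host; content:"{host}"; nocase; endswith; '
            f'http.uri; content:"{cfg["url_path"]}"; startswith; sid:{sid}; rev:1;)')
        sid += 1
    return rules


# Constructed log lines (not from the sandbox run): DNS queries and proxy
# access entries, including a look-alike domain that must not match.
SAMPLE_LOGS = [
    "2022-07-25T10:01:02Z dns query A uytricmpreprom.com from 10.0.0.5",
    "2022-07-25T10:01:03Z dns query A updates.example.com from 10.0.0.5",
    '10.0.0.5 - - [25/Jul/2022:10:01:04 +0000] "GET https://plorinnoult.com/news/ HTTP/1.1" 200 512',
    '10.0.0.7 - - [25/Jul/2022:10:02:00 +0000] "GET https://notuytricmpreprom.com/news/ HTTP/1.1" 200 128',
    "2022-07-25T10:03:00Z dns query A cdn.plorinnoult.com from 10.0.0.9",
]

if __name__ == "__main__":
    for hit in scan_logs(SAMPLE_LOGS):
        print(f"line {hit.line_no}: {hit.indicator} {hit.value}")
    print("\n".join(to_suricata()))
```

A DNS-only hit (`c2_domain`) says a host resolved the name; the `c2_url` hit on a proxy line is the stronger signal because it also carries the configured path. Subdomain matching is deliberate so that a campaign rotating hostnames under the same registered domain is still caught, at the cost of matching any future benign use of the domain.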

Targets

    • Target

      cmd.bat

    • Size

      187B

    • MD5

      da1b98535c3921a331f32a649b27c6c6

    • SHA1

      00cf0c62f4128e56f3503bc7522ae053e616b1bc

    • SHA256

      fe3b5c3ef31d8a305692bb155c42a8f70a75165ca5d9beaf778dd3d3c519fe84

    • SHA512

      0ffe58b5dad5d22220cdf63424dd84bfa91264bf824669da1a3d0c7aa0360ba6417b2b4a4076b673c2dc09a2c95adc005a86a7d70af6cce65ec2ab1e6e884bf7

    • Score

      1/10

    • Target

      minute_x64.dat

    • Size

      312KB

    • MD5

      d0c13e99f8b74352cdb845aa3a72fd52

    • SHA1

      2b44c301d4567a9d631ec19f38e349b424eaa850

    • SHA256

      c15d6721460460d177b7e68f4b991b0b8b17ded6bd098399c76c87b0982b7ca1

    • SHA512

      799152ed8a9fd050877631ec9e99c4bd8eb42ef96845234411f27c48aac106668974370677b2d64650300393ea9ac46c708e08309c6ff1730cf5e7904f99253f

    • IcedID, BokBot

      IcedID (also tracked as BokBot) is a modular banking trojan that harvests credentials and is commonly used as a loader for follow-on payloads.
