icedid | 089c2f986e5357eda1e4f40976ff61263a92d6de8c3e32a10c170031f3991e34 | Triage

Sharing

General

Target

089c2f986e5357eda1e4f40976ff61263a92d6de8c3e32a10c170031f3991e34
Size

154KB
Sample

220728-t9dxashdd2
MD5

f943e05d781caa0abc4fe945b2634899
SHA1

9e5b746cac6556149cf324cfcf46ec1aeb5d2251
SHA256

089c2f986e5357eda1e4f40976ff61263a92d6de8c3e32a10c170031f3991e34
SHA512

2db22d91f4c856ac17328e0b3ec26e1810be60b46de79e63ee31d53cee3fe55b08fe59d0d28b35ab4a6ff63d55b7397955da316200417097637e4ba0a90c3dcf

Score

10^/10

icedid 3524611504 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3524611504

C2

wronigrabs.com

nokainptisarda.com

Attributes

auth_var
10
url_path
/news/

Targets

- Target
  
  089c2f986e5357eda1e4f40976ff61263a92d6de8c3e32a10c170031f3991e34
- Size
  
  154KB
- MD5
  
  f943e05d781caa0abc4fe945b2634899
- SHA1
  
  9e5b746cac6556149cf324cfcf46ec1aeb5d2251
- SHA256
  
  089c2f986e5357eda1e4f40976ff61263a92d6de8c3e32a10c170031f3991e34
- SHA512
  
  2db22d91f4c856ac17328e0b3ec26e1810be60b46de79e63ee31d53cee3fe55b08fe59d0d28b35ab4a6ff63d55b7397955da316200417097637e4ba0a90c3dcf
Score

10^/10

icedid 3524611504 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3524611504bankercore_loadertrojan

behavioral2

icedid3524611504bankercore_loadertrojan