General

  • Target: core.zip
  • Size: 703KB
  • Sample: 220801-t2qk5adbf4
  • MD5: c2c3222f53a372e9168ccba9cb35365d
  • SHA1: 87449368fb8e0f5e7365f5e0fc02a19bb06c1d49
  • SHA256: ecc8843c05a9e5c17932ea7060a0bf70b0fcf1982899d91d85f3132e84e50e1c
  • SHA512: 9f078c02b1be886ae02cd6759ef17fed71b287a40a147f815a2f6494c7b85058a24974a09d1513ec63b2cc45122c603d465b311e068fe146219718bec5eb2c72

Malware Config

Extracted

  • Family: icedid
  • Botnet: 2056920153
  • C2:
    mlidaxeraza.com
    izzicarat.com
    azzimbuffy.com
    villshomedrane.com
  • Attributes
    • auth_var: 25
    • url_path: /news/

Targets

    • Target: cmd.bat
    • Size: 185B
    • MD5: ec36a6430256afd81deb13b3c628abef
    • SHA1: 4afad93298da9ac45a354305a688d434457e3f08
    • SHA256: 3d9f30e37dcbada126fda8c008d61815dff02959024662f0137b00ac175acd4f
    • SHA512: 8e300c400570f8d30f8b806842480e33c9925a94aaf8202b3a873a6f20d9dc57e0b87956dcdf5c635bbb605ef873afc17544834ac4c7aeed0e2af400584de4b1
    • Score: 1/10

    • Target: enactx64.dat
    • Size: 368KB
    • MD5: 7b20a3860258b757477df721cdda2d54
    • SHA1: ffcca7c7a017f13bb6635a20be4df65d8b692e6a
    • SHA256: 0d38d5731f911b8da4fe4098ee3e9c8b98109df54886a221bd947d28a0693707
    • SHA512: 487f4eba55fd776e7a9c801704865c13b2da34849b76528ae5021fea3bf2351d892ef99755f6601c53f9d3cedabe3564a8e080e7499ca029ca4b61a77941104b
    • IcedID, BokBot: IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks