General

  • Target

    core.zip

  • Size

    703KB

  • Sample

    220801-t7xlmaefhr

  • MD5

    b873f4ddfe121733c4cfefda9285f63a

  • SHA1

    c02a7860a0e571364bec418e858a8340fccd5e7c

  • SHA256

    83c4a4d223bd28107e121faeca27f40568a889f94964549c51894bf52b54d25e

  • SHA512

    5a9e758e6798fc79a80a81eef7adc24b4a6ed76dcaf120b980772f637d995df7ea6299b390330c4a59d9a61dd1a06f3e23ae02755250d44d655fdf4b4772284a

Malware Config

Extracted

Family

icedid

Botnet

2056920153

C2

mlidaxeraza.com

izzicarat.com

azzimbuffy.com

villshomedrane.com

Attributes
  • auth_var

    25

  • url_path

    /news/
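The extracted config above is directly usable as detection input. The following is an added example, not part of the sandbox report or any tool it was generated by: it takes the C2 domains and url_path from the report, matches them against constructed proxy-log lines, and treats the url_path only as a severity modifier, since a path like /news/ is far too common to alert on by itself. The log format, IPs and timestamps are constructed for the example.

```python
# Added example (not from the sandbox report): match the extracted IcedID
# config against proxy-log lines. C2 domains, url_path and botnet id are
# copied from the report; the log lines and log format are constructed.
from urllib.parse import urlsplit

EXTRACTED_CONFIG = {
    "family": "icedid",
    "botnet": "2056920153",
    "c2": [
        "mlidaxeraza.com",
        "izzicarat.com",
        "azzimbuffy.com",
        "villshomedrane.com",
    ],
    "url_path": "/news/",
}


def host_matches(host, c2_domains):
    """Return the matching C2 domain if host equals it or is a subdomain of it.

    Comparison is case-insensitive and tolerates a trailing dot; a host that
    merely ends with the same letters (e.g. notvillshomedrane.com) is rejected.
    """
    host = host.lower().rstrip(".")
    for d in c2_domains:
        d = d.lower()
        if host == d or host.endswith("." + d):
            return d
    return None


def classify_request(url, config=EXTRACTED_CONFIG):
    """Return (c2_domain, url_path_matched) or None if the host is not a known C2."""
    parts = urlsplit(url)
    domain = host_matches(parts.hostname or "", config["c2"])
    if domain is None:
        return None
    return domain, parts.path.startswith(config["url_path"])


# Constructed proxy log, one request per line: "<ts> <src_ip> <method> <url> <status>"
SAMPLE_PROXY_LOG = """\
2022-08-01T10:00:01Z 10.0.0.12 GET http://mlidaxeraza.com/news/ 200
2022-08-01T10:00:05Z 10.0.0.12 GET https://www.izzicarat.com/news/?a=1 200
2022-08-01T10:00:09Z 10.0.0.20 GET https://example.com/news/ 200
2022-08-01T10:00:12Z 10.0.0.31 GET http://AZZIMBUFFY.COM/index.html 404
2022-08-01T10:00:15Z 10.0.0.31 GET http://notvillshomedrane.com/news/ 200
"""


def scan_proxy_log(text, config=EXTRACTED_CONFIG):
    """Return one hit dict per request whose host is a configured C2 domain."""
    hits = []
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip malformed lines rather than failing the scan
        ts, src, _method, url = fields[:4]
        result = classify_request(url, config)
        if result is None:
            continue
        domain, path_hit = result
        hits.append({
            "ts": ts,
            "src": src,
            "url": url,
            "c2": domain,
            "botnet": config["botnet"],
            "url_path_match": path_hit,
            # the url_path raises confidence but host match alone is still a hit
            "severity": "high" if path_hit else "medium",
        })
    return hits


if __name__ == "__main__":
    for hit in scan_proxy_log(SAMPLE_PROXY_LOG):
        print(hit)
```

Of the five constructed lines, three are flagged: the two requests to C2 hosts with the /news/ path are high severity, the request to AZZIMBUFFY.COM without the path is medium, example.com is ignored despite the /news/ path, and notvillshomedrane.com is correctly not treated as a subdomain of villshomedrane.com.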

Targets

    • Target

      cmd.bat

    • Size

      185B

    • MD5

      ec36a6430256afd81deb13b3c628abef

    • SHA1

      4afad93298da9ac45a354305a688d434457e3f08

    • SHA256

      3d9f30e37dcbada126fda8c008d61815dff02959024662f0137b00ac175acd4f

    • SHA512

      8e300c400570f8d30f8b806842480e33c9925a94aaf8202b3a873a6f20d9dc57e0b87956dcdf5c635bbb605ef873afc17544834ac4c7aeed0e2af400584de4b1

    • Score

      1/10

    • Target

      enactx64.dat

    • Size

      368KB

    • MD5

      7b20a3860258b757477df721cdda2d54

    • SHA1

      ffcca7c7a017f13bb6635a20be4df65d8b692e6a

    • SHA256

      0d38d5731f911b8da4fe4098ee3e9c8b98109df54886a221bd947d28a0693707

    • SHA512

      487f4eba55fd776e7a9c801704865c13b2da34849b76528ae5021fea3bf2351d892ef99755f6601c53f9d3cedabe3564a8e080e7499ca029ca4b61a77941104b

    • IcedID, BokBot

      IcedID, also tracked as BokBot, is a modular banking trojan that steals credentials and is also used as a loader for follow-on payloads.
