General

  • Target: Avpobb1.dll
  • Size: 313KB
  • Sample: 220802-y93mwacahl
  • MD5: 55021cdec691820bcaf4d2dae6ace921
  • SHA1: 32d0f4043fd7374677ce6d7e883f8bf5f5022787
  • SHA256: 5973c98cb667d24911df5f31dc29da4ec85a18cf28bc0e9dc4cacdbf383ec7c3
  • SHA512: 5b322d36d304cedcf1bb87a34696969171f95fad5397c6306fb38950679bc950f7ff69e1273581d4d2ebdc099f7063bb42afa42fe7282c4a9751957f7a0045c9

Malware Config

Extracted

  • Family: icedid
  • Botnet: 3524611504
  • C2:
      wronigrabs.com
      nokainptisarda.com
  • Attributes:
      auth_var: 8
      url_path: /news/

Targets

    • Target: Avpobb1.dll
    • Size: 313KB
    • MD5: 55021cdec691820bcaf4d2dae6ace921
    • SHA1: 32d0f4043fd7374677ce6d7e883f8bf5f5022787
    • SHA256: 5973c98cb667d24911df5f31dc29da4ec85a18cf28bc0e9dc4cacdbf383ec7c3
    • SHA512: 5b322d36d304cedcf1bb87a34696969171f95fad5397c6306fb38950679bc950f7ff69e1273581d4d2ebdc099f7063bb42afa42fe7282c4a9751957f7a0045c9
    • Signature: IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.
