icedid | 4fdc3e90e1b9bff0a8931aaee0ccd4cbeb58061e102d8e80b66b127e929f8ecb | Triage

Sharing

General

Target

AisleEnough.zip
Size

361KB
Sample

220807-ybgyhshee9
MD5

ee90469bd7bb84a9ca9584df983d0281
SHA1

049d5ae850e288c6c951ff3b0fb58017a75af247
SHA256

4fdc3e90e1b9bff0a8931aaee0ccd4cbeb58061e102d8e80b66b127e929f8ecb
SHA512

e36ee1c6ea82d8b79d3415947142613d310b03732bd54bb850fae1d3a34ce8ae52aad05d21a3882ac694852faf7013a1749882ab0177f8c45f4816300713a96e

Score

10^/10

icedid 3524611504 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3524611504

C2

wronigrabs.com

nokainptisarda.com

Attributes

auth_var
14
url_path
/news/

Targets

- Target
  
  broom-x32.dat
- Size
  
  49KB
- MD5
  
  fbc189cfff511d698bb612bc9e58e4fa
- SHA1
  
  e64b67c6eb7c4e1623942ef388e9d648e67663a1
- SHA256
  
  b22ae26c58c6b6df210e6985e30169f5b73b8a743f0376600376726f3c213207
- SHA512
  
  6f5de0629ff877ef56cad57a141990c8b3da9ea167e2a3e0284be836addf4e08015cc76ce16a65067861cc8d26e4f5969e3735b0a060b75c3a011c3ab2ad6da9
Score

10^/10

icedid 3524611504 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3524611504bankercore_loadertrojan

behavioral2

icedid3524611504bankercore_loadertrojan