General

  • Target

    core.zip

  • Size

    563KB

  • Sample

    220809-twj66acggr

  • MD5

    3c69c19a98355b0bf885785706fc61a0

  • SHA1

    576510d62c35550e5b72a030dcaf29c438264526

  • SHA256

    68436d97d05bef8ffe7314f95c91871d361e50c0c1bf7e17a7d5737a3ed0ba9c

  • SHA512

    676a331fd9121629c545e4c01773a2b99de551be14b3fe92954b0268b42afd515a9d179449b41ea66255197904fe831ee693be7008b9866ea3173cf83dd25203

Malware Config

Extracted

Family

icedid

Botnet

1573268852

C2

peranistaer.top

gruvihabralo.nl

klareqvino.com

ultomductingbig.pro

Attributes

  • auth_var

    15

  • url_path

    /news/

Targets

    • Target

      cmd.bat

    • Size

      187B

    • MD5

      8951670338900cdb7c9d5b7f7d0f392d

    • SHA1

      f7e16ef45ce0854c6a06c24ca8bb80e41c0b8658

    • SHA256

      ddf4cc8bc5a4669a6066d2b41863493c33fc743acc74aeda12b16228ebbe0646

    • SHA512

      ff7b5962aab5fae78e55771f58d08bfef69cb672f751e7951d2d6591ad5beea8b4cd84c865755c468d3659b85e31e229e76829796f39ef3e5f53f4f017ec3ee5

    • Score

      1/10

    • Target

      measurex64.tmp

    • Size

      228KB

    • MD5

      63d580a5137d8c421f318f215f9854cf

    • SHA1

      868606a3f73e076821e9fab371386a7a61bcf3f6

    • SHA256

      fdfe59e216a3dc82224d4002a6ea330ddce227fb0bd538fb4cd50bd0196530c3

    • SHA512

      c6ce40dfcb931f8dade4571fad130d17df1af5334b457a09079446e6297608c41a86c8203cf66d72f1962f46328b138d13808b4e6e04049c8aa80a97ad4f9f57

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks