General

  • Target: recall.dat
  • Size: 370KB
  • Sample: 220829-s4l52sbdgj
  • MD5: d50cf4800accda2fc6fc57dfda5790c7
  • SHA1: 9b42f185598f7a7f0c803273af2651e148929cf3
  • SHA256: f0bec72ea95c299af2a57e2ffa317c309ad4f70d1809c4e299084c38a282aaaf
  • SHA512: 4a020244e7e6139ca55c491de734606764696ed57a67d3f0967fe9cb2a29f707a93a6cb4338161d13f38ffc2b3ccf3fbd06faa9b85a200dec1a05a4ae6d3f74e
  • SSDEEP: 6144:TE5yLwssyjHvomnVhuj+s4sfnVWpB7QH2CBAdo24rn25ZRSAD24rn2ExihwfIzhi:45Pguj4MnVWpmHT24rn25ZAAD24rn24L

Malware Config

Extracted

  • Family: icedid
  • Botnet: 1573268852
  • C2:
      peranistaer.top
      gruvihabralo.nl
      ultomductingbig.pro
      alcoheyteri.click

Attributes

  • auth_var: 24
  • url_path: /news/

Targets

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

MITRE ATT&CK Matrix

Tasks