General

  • Target

    IceID.zip

  • Size

    167KB

  • Sample

    230328-2wn44sfd9s

  • MD5

    c37d80b3663510d75c7ff63e41b3f8e4

  • SHA1

    28b7c89f24b25d381b72f762a8ca36ecc8d6e9fe

  • SHA256

    15cf446a302d7a7cd8b84c28f432d561a7f19d041f882decb3a04556338df1c1

  • SHA512

    28ec655aa9c0a4eb50a93d0c074665307e77ca87560c8ce957865fb4fec64d4709de5b1c9469ca654628bbcfae64b11a9068b5bafb7ed9692bb63ec4e0b0a61e

  • SSDEEP

    3072:RnZgbrIw5DPdkeQq3SBt/hiaeeNYs1aMP9EsQbW62YxskabtPW3EBEBSrNL:HgbEw5DlkeQf5b6s139E+Ywgs5L

Malware Config

Extracted

Family

icedid

Botnet

513366864

C2

magnwnce.com

corposted.com

presifered.com

coujtried.com

molinaro.top

amongolia.com

jjanuatu.com

Attributes

  • auth_var

    11

  • url_path

    /index.php

Targets

    • Target

      IceID

    • Size

      376KB

    • MD5

      407cde16473474c15f66651307e42d9b

    • SHA1

      8afbecd6f857f4e512193449864326518648d3b0

    • SHA256

      58c8518a85d32448881050757f6a8b0468636d3ebb74315023d9963b32355501

    • SHA512

      e50bdd2c4cd82c4430c4ef8dd49175a2c9143ce3180bf0bb77b0eb05a204c19eac1ff480cfdcce47659796c6f2a0eea4c9145a641b52678e3afae9f338ce1920

    • SSDEEP

      6144:NrDre6vLR50hXwLhF0l2LFPPWbPINovTnJtKa6unv:RDre6zR5xLF8L6Cv

    • IcedID, BokBot

      IcedID is a banking trojan capable of stealing credentials.

    • IcedID Second Stage Loader
