icedid | 470d610d6087f1cab9c41de863c8bb0944f283e9b5bd40d00041b53a92933853 | Triage

Sharing

General

Target

470d610d6087f1cab9c41de863c8bb0944f283e9b5bd40d00041b53a92933853
Size

261KB
Sample

230430-ztcxysch3x
MD5

f178c46e4941db3058034cda01e7ff26
SHA1

7a2defc7fdd32edfbd380d1f99944edfc27ebe89
SHA256

470d610d6087f1cab9c41de863c8bb0944f283e9b5bd40d00041b53a92933853
SHA512

6122726b1d8c2afbf2c4ea5f51e13aee11d50ad065c9a4b5359eaad455745f5c439755bf74ecdb4a04b7350217e84307962e05893112420182b9cfcb9a809606
SSDEEP

3072:XtkKMYvhj8NLRFCZu+9LLJYIaVlYtWJU3cYXtz2+ZvNAVckGsV:XtjMqjmNOuwLSHY8+ZvS/

Score

10^/10

icedid 2655726304 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

2655726304

C2

lergochatep.com

fechirtout.com

Attributes

auth_var
2
url_path
/news/

Targets

- Target
  
  470d610d6087f1cab9c41de863c8bb0944f283e9b5bd40d00041b53a92933853
- Size
  
  261KB
- MD5
  
  f178c46e4941db3058034cda01e7ff26
- SHA1
  
  7a2defc7fdd32edfbd380d1f99944edfc27ebe89
- SHA256
  
  470d610d6087f1cab9c41de863c8bb0944f283e9b5bd40d00041b53a92933853
- SHA512
  
  6122726b1d8c2afbf2c4ea5f51e13aee11d50ad065c9a4b5359eaad455745f5c439755bf74ecdb4a04b7350217e84307962e05893112420182b9cfcb9a809606
- SSDEEP
  
  3072:XtkKMYvhj8NLRFCZu+9LLJYIaVlYtWJU3cYXtz2+ZvNAVckGsV:XtjMqjmNOuwLSHY8+ZvS/
Score

10^/10

icedid 2655726304 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid2655726304bankercore_loadertrojan

behavioral2

icedid2655726304bankercore_loadertrojan