icedid | 9e66e3c10cd5b0528d48391421bf50b1068e358a9696818b0dfd88a16ee66f5a | Triage

Sharing

General

Target

0296c609b96e00b054cf1465ed6a119d
Size

409KB
Sample

231230-vf811safak
MD5

0296c609b96e00b054cf1465ed6a119d
SHA1

3faed3575c32b6db185e0ec868fbcbd0d047eb64
SHA256

9e66e3c10cd5b0528d48391421bf50b1068e358a9696818b0dfd88a16ee66f5a
SHA512

a4eb46e1b141636480daf48802b56b5f21b012fa1ee8ac12e93753034183abfc985d529e6ed03d34176a00c812ff7a948c9184e1148585622e7436133c60023e
SSDEEP

3072:XsC9wHRejrwRuDggl4acQnVglOuSF0xDNAK/kFGZOOmg2hIxHBbQgV1:FwHRSuSll4acQn2AikOmkbQgH

Score

10^/10

icedid 3984935437 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3984935437

C2

footballer.bid

2kilozhiraffe.club

aristomosuga.top

viryigamaps.top

Attributes

auth_var
3
url_path
/news/

Targets

- Target
  
  0296c609b96e00b054cf1465ed6a119d
- Size
  
  409KB
- MD5
  
  0296c609b96e00b054cf1465ed6a119d
- SHA1
  
  3faed3575c32b6db185e0ec868fbcbd0d047eb64
- SHA256
  
  9e66e3c10cd5b0528d48391421bf50b1068e358a9696818b0dfd88a16ee66f5a
- SHA512
  
  a4eb46e1b141636480daf48802b56b5f21b012fa1ee8ac12e93753034183abfc985d529e6ed03d34176a00c812ff7a948c9184e1148585622e7436133c60023e
- SSDEEP
  
  3072:XsC9wHRejrwRuDggl4acQnVglOuSF0xDNAK/kFGZOOmg2hIxHBbQgV1:FwHRSuSll4acQn2AikOmkbQgH
Score

10^/10

icedid 3984935437 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3984935437bankercore_loadertrojan

behavioral2

icedid3984935437bankercore_loadertrojan