icedid | 070f23924c0db38a1a8804fa07583c8ac161f474a5997b8a6952d9187b57d1c7 | Triage

Sharing

General

Target

24e69765fcb7abfabc3bfe16158fa991
Size

746KB
Sample

231231-c7anesbhd2
MD5

24e69765fcb7abfabc3bfe16158fa991
SHA1

19bd24a10e4d6490cb35358265cec9ef51c12491
SHA256

070f23924c0db38a1a8804fa07583c8ac161f474a5997b8a6952d9187b57d1c7
SHA512

3222e5b6fc06fff4d50041c2d43666e9b3d87be8f76fd90d5c8d924f5aae0a4940d54642985d3411e3713cbca3da87f59ce88f1647baa29d454c179d75c91a4b
SSDEEP

12288:dzwKAgp5Ehy3Qhsq1fe/x7P+LW8yPqGfeYBMtKk7mGGwwsIZC:mgohyP5/xj+DC1fUNmGGfrC

Score

10^/10

icedid 1525646893 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1525646893

C2

makeeris.top

ispaniolla.top

clinoridaf.club

latevanthave.top

Attributes

auth_var
7
url_path
/news/

Targets

- Target
  
  24e69765fcb7abfabc3bfe16158fa991
- Size
  
  746KB
- MD5
  
  24e69765fcb7abfabc3bfe16158fa991
- SHA1
  
  19bd24a10e4d6490cb35358265cec9ef51c12491
- SHA256
  
  070f23924c0db38a1a8804fa07583c8ac161f474a5997b8a6952d9187b57d1c7
- SHA512
  
  3222e5b6fc06fff4d50041c2d43666e9b3d87be8f76fd90d5c8d924f5aae0a4940d54642985d3411e3713cbca3da87f59ce88f1647baa29d454c179d75c91a4b
- SSDEEP
  
  12288:dzwKAgp5Ehy3Qhsq1fe/x7P+LW8yPqGfeYBMtKk7mGGwwsIZC:mgohyP5/xj+DC1fUNmGGfrC
Score

10^/10

icedid 1525646893 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1525646893bankercore_loadertrojan

behavioral2

icedid1525646893bankercore_loadertrojan