icedid | 5fa61e6927b19fd7b5b259450f34555c585badaf59c30522bb47fa0e6ec7be3f | Triage

Sharing

General

Target

5f6362cced39c2cae9b4cf4721092b30
Size

33KB
Sample

240116-j2ehraghg6
MD5

5f6362cced39c2cae9b4cf4721092b30
SHA1

53d5928a5c1872259ab5bb05582188f06201bcc0
SHA256

5fa61e6927b19fd7b5b259450f34555c585badaf59c30522bb47fa0e6ec7be3f
SHA512

5cef434bdcf80ba79950116a47c54dacba680b26442ea086b2b77d3b54db10309225553d39346763edd0a30c2b7d28e954115634e4b3c5353ee4485de64a8f9f
SSDEEP

768:l3NRCeDTxBavXfvNroZsDT2XrfXXPAXoZs:PMevxBavXfvNoZU2XrfXXYXoZ

Score

10^/10

icedid 1525646893 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1525646893

C2

filinrgincost.buzz

iylifeshunia.top

ponkdgenki.top

letsfiaclub.top

Attributes

auth_var
15
url_path
/news/

Targets

- Target
  
  5f6362cced39c2cae9b4cf4721092b30
- Size
  
  33KB
- MD5
  
  5f6362cced39c2cae9b4cf4721092b30
- SHA1
  
  53d5928a5c1872259ab5bb05582188f06201bcc0
- SHA256
  
  5fa61e6927b19fd7b5b259450f34555c585badaf59c30522bb47fa0e6ec7be3f
- SHA512
  
  5cef434bdcf80ba79950116a47c54dacba680b26442ea086b2b77d3b54db10309225553d39346763edd0a30c2b7d28e954115634e4b3c5353ee4485de64a8f9f
- SSDEEP
  
  768:l3NRCeDTxBavXfvNroZsDT2XrfXXPAXoZs:PMevxBavXfvNoZU2XrfXXYXoZ
Score

10^/10

icedid 1525646893 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1525646893bankercore_loadertrojan

behavioral2

icedid1525646893bankercore_loadertrojan