icedid | 6cfda8fbb2917545ddf03acdc61e43cc3eff4a7fb70ec6483d1718d15e35352c | Triage

Sharing

General

Target

a7ee7d101a09b948cc289b6a2bc6e3ee
Size

33KB
Sample

240227-cftxzsec2t
MD5

a7ee7d101a09b948cc289b6a2bc6e3ee
SHA1

d854fadfb0032eee922b6e8384f5dfb1d555ace6
SHA256

6cfda8fbb2917545ddf03acdc61e43cc3eff4a7fb70ec6483d1718d15e35352c
SHA512

b71adeac4330d5de90dd4f22142347fd9a574f9db66f101d85173845c015260782492934585b3ddeeb30534492739562e75be388378a5bdb848d4d21ed4081ba
SSDEEP

768:h3NRCeDzxBavXfvNroZsDT2XrfXXPAXoZs:TMevxBavXfvNoZU2XrfXXYXoZ

Score

10^/10

icedid 1525646893 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

1525646893

C2

filinrgincost.buzz

iylifeshunia.top

ponkdgenki.top

letsfiaclub.top

Attributes

auth_var
15
url_path
/news/

Targets

- Target
  
  a7ee7d101a09b948cc289b6a2bc6e3ee
- Size
  
  33KB
- MD5
  
  a7ee7d101a09b948cc289b6a2bc6e3ee
- SHA1
  
  d854fadfb0032eee922b6e8384f5dfb1d555ace6
- SHA256
  
  6cfda8fbb2917545ddf03acdc61e43cc3eff4a7fb70ec6483d1718d15e35352c
- SHA512
  
  b71adeac4330d5de90dd4f22142347fd9a574f9db66f101d85173845c015260782492934585b3ddeeb30534492739562e75be388378a5bdb848d4d21ed4081ba
- SSDEEP
  
  768:h3NRCeDzxBavXfvNroZsDT2XrfXXPAXoZs:TMevxBavXfvNoZU2XrfXXYXoZ
Score

10^/10

icedid 1525646893 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid1525646893bankercore_loadertrojan

behavioral2

icedid1525646893bankercore_loadertrojan