icedid | 86eb2c2dd22c6c84e77351b52ec841a0aa5d3ef49f176bc073464bd09ac05a3a | Triage

Sharing

General

Target

JaffaCakes118_86eb2c2dd22c6c84e77351b52ec841a0aa5d3ef49f176bc073464bd09ac05a3a
Size

474KB
Sample

241222-ftg25avpbn
MD5

f5bf87b88a498791ac5d846a9f6ad726
SHA1

5ef2efd09163e7407bfa754f6a29bdbaa4eacd31
SHA256

86eb2c2dd22c6c84e77351b52ec841a0aa5d3ef49f176bc073464bd09ac05a3a
SHA512

a3ddc16be15e108a45cecb858da98e367cf1adaa2fd38dceafb43de26e78c668d3564d275dea47c7751549d108ad3ee594150dc121167b59be3d3dc1a8e97cbd
SSDEEP

12288:jWYQ9HY96DaOgXV+xytrDtdGZMi1CWI/PCj+liaqMSf2MXPZ:qYhk+NXVltrDIn1CWmPY+iaqj2cPZ

Score

10^/10

icedid 3036889562 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3036889562

C2

stooryallice.com

yellowpyrrol.com

Attributes

auth_var
1
url_path
/news/

Targets

- Target
  
  core.bat
- Size
  
  186B
- MD5
  
  cb539d823a0cb6aaf97acca94e99a744
- SHA1
  
  35b2bca0ed8d2379ab12e3e493b37aa919d87f56
- SHA256
  
  c83d581e5dd4eaa0b5977de0b256eed18f2d41d51d94cd8bb63945659bfdb084
- SHA512
  
  a8155122e35a1bccaf9a62b4fb132961694d02db8a8f5608f5332e48355f2fdf4a43c0c97a39d25ce5a4a3e6aa95d7fb1b28396dd0d4dc1b2802d605b0f49d2e
Score

10^/10

icedid 3036889562 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2
- Target
  
  disagree_.dat
- Size
  
  279KB
- MD5
  
  1c907bd185afff7b7adfd83c4efdf985
- SHA1
  
  8f74846834d190cefe9df37dc2961fe8e042a3d8
- SHA256
  
  7e57c468e2dc390d65f847abc908eeb1a8c26bec3df726730b9e9e3b7fb75f10
- SHA512
  
  7ea1b27e166fa440321c9531c703513cc7fd5efd963534bc36ec5f6870f1cbbfdca5d570750ff098033392ec852b8c1290f21d319a73370b2f06e5cce178baba
- SSDEEP
  
  6144:DDtM6E/9TTOWPzGcDfitOA26FhKQjO6nG+BOzgTLshy4e:9M6E/9TOU3AN3Xx19
Score

10^/10

icedid 3036889562 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral3 behavioral4

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

icedid3036889562bankercore_loadertrojan

behavioral2

icedid3036889562bankercore_loadertrojan

behavioral3

icedid3036889562bankercore_loadertrojan

behavioral4

icedid3036889562bankercore_loadertrojan