icedid | cb36a1d799acc290f4152471f539c5dc443dac0ba6d46c402ed86a1b5257db0c | Triage

Sharing

General

Target

JaffaCakes118_cb36a1d799acc290f4152471f539c5dc443dac0ba6d46c402ed86a1b5257db0c
Size

364KB
Sample

241222-lg1xcsspey
MD5

04f3e8e5dc4cd624e5812bc7a1d7ebe2
SHA1

0271ab6ef296a4c0a3bc030dd83e88f22976e3d7
SHA256

cb36a1d799acc290f4152471f539c5dc443dac0ba6d46c402ed86a1b5257db0c
SHA512

e0ce76bbfe1a59929a4836f12eb5d9e491bb0076185d46fd6accf655a2432fcad2274b3c2c83907d75ec90b6a98435c83366669912c094d3d6d664c0d7d66c84
SSDEEP

6144:hzCBFQ0J9tceEFDAAVNWifPs9ZDtuFTSSzp3UnRMInT7kw363xgW0rQN8:hEFQ0Tue6UAVkz9htuFFRKWITIrR0rQa

Score

10^/10

icedid 3415411565 banker core_loader trojan

Malware Config

Extracted

Family

icedid

Botnet

3415411565

C2

antnosience.com

seaskysafe.com

otectagain.top

dilimoretast.com

Attributes

auth_var
18
url_path
/news/

Targets

- Target
  
  core/cmd.bat
- Size
  
  191B
- MD5
  
  3cec7da4286fb8df01a057c04cc16b34
- SHA1
  
  be35d3e4fd882a807495f1dec189d09324b79612
- SHA256
  
  9eab93f08e471564ec1512005abb8e055119eefa66d12296487351e546aeb56c
- SHA512
  
  4d026d0dddf21aa105c9c0b45f791c5651c7dffb89701bf52fb71c7954648687f1be996d30c48ebe923794aeec31730f3dedb4df2e69b70c72f8dce0ed4d8d00
Score

10^/10

icedid 3415411565 banker core_loader trojan
- IcedID, BokBot
  IcedID is a banking trojan capable of stealing credentials.
  trojan banker icedid
- Icedid family
  icedid
behavioral1 behavioral2
- Target
  
  core/paper_x32.dat
- Size
  
  43KB
- MD5
  
  d3a9e33c7e606b711b1d658248d96d4a
- SHA1
  
  430273e227bb4445fbd92363dc97310ca3232b48
- SHA256
  
  85c49c0c2f9778edc03a6797ffa139b27538fd7060d6b80f2d00e23aa158e625
- SHA512
  
  e15c697ce13a8140fb41596def262d414f47453b0f01e96b8659caa5f024e8c81b5b2462230b992e081d368078ac33f3f37c0dae17bfd81b0a06c960494e0f3d
- SSDEEP
  
  768:yHHNq0gby9JZgqHQQTxCZdQJVdir4cKZiiGIUucpRXJCcfA0UE8H4zlOoSx0M:MgDkJa0TxCEJyrfKZOIUucp2iAtE8HEq
Score

1^/10
behavioral3 behavioral4

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

icedid3415411565bankercore_loadertrojan

behavioral2

icedid3415411565bankercore_loadertrojan

behavioral3

behavioral4