← Back to Pulse Feed
PULSE DETAIL
According to X-Force research, the new banking Trojan emerged in the wild in September 2017, when its first test campaigns were launched. Our researchers noted that IcedID has a modular malicious code with modern banking Trojan capabilities comparable to malware such as the Zeus Trojan.
At this time, the malware targets banks, payment card providers, mobile services providers, payroll, webmail and e-commerce sites in the U.S. Two major banks in the U.K. are also on the target list the malware fetches.
Indicators of Compromise (55)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| domain | medicalciferol.com | — | 2017-11-13 | |
| FileHash-MD5 | 38921f28bb74fea2cab6e70039ee65f3 | — | 2017-11-13 | |
| FileHash-MD5 | 6899d3b51430679254635d78357c087e | — | 2017-11-13 | |
| FileHash-MD5 | c01dcdba9223d037eb8bf0944f1c1c9e | — | 2017-11-13 | |
| FileHash-MD5 | d982c6de627441765c89da5cfeb04d6f | — | 2017-11-13 | |
| FileHash-MD5 | de4ef2e24306b35d29891b45c1e3fbfd | — | 2017-11-13 | |
| domain | tuthmation.com | — | 2019-05-17 | |
| domain | divorough.com | — | 2019-05-17 | |
| domain | lattempted.pw | — | 2019-05-17 | |
| domain | spitaly.com | — | 2019-05-17 | |
| domain | yorubal.site | — | 2019-05-17 | |
| domain | portened.space | — | 2019-05-17 | |
| domain | minental.top | — | 2019-05-17 | |
| domain | arguerns.top | — | 2019-05-17 | |
| domain | marakusta.at | — | 2019-05-17 | |
| domain | againston.pw | — | 2019-05-17 | |
| domain | antative.com | — | 2019-05-17 | |
| domain | forsynanchyv.com | — | 2019-05-17 | |
| domain | thension.host | — | 2019-05-17 | |
| domain | ucasus.com | — | 2019-05-17 | |
| domain | coultra.space | — | 2019-05-17 | |
| domain | intesteron.com | — | 2019-05-17 | |
| domain | haractice.space | — | 2019-05-17 | |
| domain | jirovided.host | — | 2019-05-17 | |
| domain | kepleted.pw | — | 2019-05-17 | |
| domain | liberture.space | — | 2019-05-17 | |
| URL | http://spitaly.com:443 | — | 2019-05-17 | |
| URL | http://divorough.com:443 | — | 2019-05-17 | |
| URL | http://coultra.space:443 | — | 2019-05-17 | |
| URL | http://haractice.space:443 | — | 2019-05-17 | |
| URL | http://tuthmation.com:443 | — | 2019-05-17 | |
| URL | http://antative.com:443 | — | 2019-05-17 | |
| URL | http://lattempted.pw:443 | — | 2019-05-17 | |
| URL | http://thension.host:443 | — | 2019-05-17 | |
| URL | http://kepleted.pw:443 | — | 2019-05-17 | |
| URL | http://jirovided.host:443 | — | 2019-05-17 | |
| URL | http://yorubal.site:443 | — | 2019-05-17 | |
| URL | http://liberture.space:443 | — | 2019-05-17 | |
| URL | http://againston.pw:443 | — | 2019-05-17 | |
| URL | http://ucasus.com:443 | — | 2019-05-17 | |
| URL | http://forsynanchyv.com:443 | — | 2019-05-17 | |
| URL | http://portened.space:443 | — | 2019-05-17 | |
| URL | http://minental.top:443 | — | 2019-05-17 | |
| URL | http://marakusta.at:443 | — | 2019-05-17 | |
| URL | http://intesteron.com:443 | — | 2019-05-17 | |
| URL | http://arguerns.top:443 | — | 2019-05-17 | |
| FileHash-MD5 | 67dab97e176faab56a9ab519487572a7 | — | 2019-05-17 | |
| FileHash-MD5 | 8f5bc46c7dea1adbf3b8ea801146fc2a | — | 2019-05-17 | |
| FileHash-MD5 | ac3f118dcab29fe0f6a92230f6583fc4 | — | 2019-05-17 | |
| FileHash-MD5 | 6552c422daff0ba6e77770b5d2cfc816 | — | 2019-05-17 | |
| FileHash-MD5 | 5dad6bc8128d2ace9a68768b92f1d45f | — | 2019-05-17 | |
| FileHash-MD5 | 0edbd09dfcd21c959279e8b281e19130 | — | 2019-05-17 | |
| FileHash-MD5 | 8814c90ed6b79b43030503e5fc2e5b3c | — | 2019-05-17 | |
| FileHash-MD5 | 549e258a5ae5095a766878bdb45eb443 | — | 2019-05-17 | |
| FileHash-MD5 | dcb36825b24f47caaee109d4837ab65b | — | 2019-05-17 |