General

Target: iced.zip
Size: 379KB
Sample: 220614-mlbcyaheb5
MD5: 1c0f99b46ef5e66e61f6cff5a2bc94d3
SHA1: ddc8159100da7b54b340383834fa9e87996a1c03
SHA256: ff0f6e4913e696bc5431f398f9bba745339feb37ce70743bd1563d66086309a8
SHA512: d3edfdb67f89ec2883fcfc709df88e38fbbbc7ce949b98feaaaf7b41f56ea93ce9d8435ddfb2fa7c88b1f6bfa8bb9870ee443e209a657057552c6115287f0ef5
Static task: static1

Behavioral task: behavioral1
Sample: iced/Microsoft_Teams_installer.exe.lnk
Resource: win7-20220414-en

Behavioral task: behavioral2
Sample: iced/Microsoft_Teams_installer.exe.lnk
Resource: win10v2004-20220414-en

Behavioral task: behavioral3
Sample: iced/run.dll
Resource: win7-20220414-en
Malware Config

Extracted
Family: icedid
Campaign: 3366658159
C2: plocganga.com
Targets

Target: iced/Microsoft_Teams_installer.exe.lnk
Size: 2KB
MD5: 78496da0b847ceb2d84d4ea53b21db48
SHA1: ee26f8ba4f9c30dc94584f413405fdcf58d14d22
SHA256: bd05a4dc16dc60ac36f2635ede515238c66c18717626c5f7ec27c77738bc7816
SHA512: e2dfcec7218cf74d530ececa384d20ecc40582a04df8c77d1b8dddcfdf3224d239cb60dad44530eb16cd2a4248e956ba8a9c7363f1e2019e2d2428c52f878a4d

Signatures
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request
Checks computer location settings: looks up the country code configured in the registry, likely a geofence.
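The shortcut above carries a double extension (`.exe.lnk`) so that Explorer shows it as an installer while the real action is whatever the Shell Link's target and arguments say. As an added example, not part of this report and not code from the sandbox, the Python below builds a constructed Shell Link in memory, parses the header and StringData the way a triage script would to recover what a shortcut launches, and flags the traits that make such a file a lure. The target path, the arguments and the list of script/DLL hosts are assumptions for illustration; the report does not show the real sample's command line, and none is claimed here.

```python
import struct

# Added example: minimal MS-SHLLINK (.lnk) builder, parser and lure heuristics.
# The shortcut bytes are constructed in this file so it runs offline; nothing
# here is taken from the report's sample.

LNK_CLSID = bytes.fromhex("0114020000000000c000000000000046")  # 00021401-0000-0000-C000-000000000046

HAS_LINK_TARGET_ID_LIST = 0x01
HAS_LINK_INFO = 0x02
HAS_NAME = 0x04
HAS_RELATIVE_PATH = 0x08
HAS_WORKING_DIR = 0x10
HAS_ARGUMENTS = 0x20
HAS_ICON_LOCATION = 0x40
IS_UNICODE = 0x80

# StringData blocks follow the header in this fixed order, each present only if its flag is set.
STRING_FIELDS = (
    (HAS_NAME, "name"),
    (HAS_RELATIVE_PATH, "relative_path"),
    (HAS_WORKING_DIR, "working_dir"),
    (HAS_ARGUMENTS, "arguments"),
    (HAS_ICON_LOCATION, "icon_location"),
)

SW_SHOWMINNOACTIVE = 7  # ShowCommand value that keeps the launched window from taking focus

# Script/DLL hosts a lure typically points at (assumed list for the heuristic, not from the report).
LOLBINS = ("cmd.exe", "powershell.exe", "rundll32.exe", "mshta.exe", "wscript.exe")


def build_lnk(relative_path, arguments, show_command=1, icon_location=None):
    """Constructed .lnk: 0x4C-byte header, no IDList/LinkInfo, Unicode StringData."""
    flags = IS_UNICODE | HAS_RELATIVE_PATH | HAS_ARGUMENTS
    if icon_location is not None:
        flags |= HAS_ICON_LOCATION
    header = struct.pack(
        "<I16sIIQQQIIIHHII",
        0x4C, LNK_CLSID, flags,
        0x20,          # FileAttributes: FILE_ATTRIBUTE_ARCHIVE
        0, 0, 0,       # Creation/Access/Write FILETIMEs (zero for the sample)
        0, 0,          # FileSize, IconIndex
        show_command,
        0, 0, 0, 0,    # HotKey, Reserved1, Reserved2, Reserved3
    )
    values = {"relative_path": relative_path, "arguments": arguments, "icon_location": icon_location}
    body = b""
    for flag, key in STRING_FIELDS:
        if flags & flag:  # CountCharacters (u16) + UTF-16LE characters, no terminator
            body += struct.pack("<H", len(values[key])) + values[key].encode("utf-16-le")
    return header + body


def parse_lnk(data):
    """Return LinkFlags, ShowCommand and every StringData field the shortcut carries."""
    if len(data) < 0x4C or data[:4] != b"\x4c\x00\x00\x00" or data[4:20] != LNK_CLSID:
        raise ValueError("not a Shell Link file")
    flags = struct.unpack_from("<I", data, 20)[0]
    show_command = struct.unpack_from("<I", data, 60)[0]
    off = 0x4C
    if flags & HAS_LINK_TARGET_ID_LIST:  # IDListSize (u16) followed by the IDList
        off += 2 + struct.unpack_from("<H", data, off)[0]
    if flags & HAS_LINK_INFO:            # LinkInfoSize (u32) counts itself
        off += struct.unpack_from("<I", data, off)[0]
    width = 2 if flags & IS_UNICODE else 1
    info = {"flags": flags, "show_command": show_command}
    for flag, key in STRING_FIELDS:
        if not flags & flag:
            continue
        count = struct.unpack_from("<H", data, off)[0]
        start, end = off + 2, off + 2 + count * width
        if end > len(data):
            raise ValueError("truncated StringData: " + key)
        info[key] = data[start:end].decode("utf-16-le" if width == 2 else "cp1252")
        off = end
    return info


def lure_indicators(filename, info):
    """Heuristics for why a shortcut looks like a lure; returns the matching reasons."""
    hits = []
    name = filename.lower()
    if name.endswith(".lnk") and name[:-4].endswith((".exe", ".pdf", ".doc", ".docx")):
        hits.append("double extension disguises the shortcut as ." + name[:-4].rsplit(".", 1)[-1])
    target = info.get("relative_path", "").lower().replace("/", "\\")
    if any(target == b or target.endswith("\\" + b) for b in LOLBINS):
        hits.append("target is a script/DLL host: " + target.rsplit("\\", 1)[-1])
    if ".dll" in info.get("arguments", "").lower():
        hits.append("arguments hand a DLL to the target")
    if info["show_command"] == SW_SHOWMINNOACTIVE:
        hits.append("ShowCommand=SW_SHOWMINNOACTIVE hides the launched window")
    return hits


if __name__ == "__main__":
    # Constructed lure; target and arguments are placeholders, not the report's sample.
    sample = build_lnk(r"..\..\..\Windows\System32\rundll32.exe", "payload.dll,EntryPoint",
                       show_command=SW_SHOWMINNOACTIVE)
    parsed = parse_lnk(sample)
    print(parsed)
    for hit in lure_indicators("Microsoft_Teams_installer.exe.lnk", parsed):
        print("[!]", hit)
```

Run it against a real shortcut by replacing the constructed bytes with `open(path, "rb").read()`; the parser skips the LinkTargetIDList and LinkInfo blocks by their declared sizes, so it recovers the relative path and arguments even when the link carries both, and it rejects truncated StringData rather than silently returning a partial command line.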
Target: iced/run.dll
Size: 35.6MB
MD5: 28fb9b44549348e9c8aad336b087bf83
SHA1: cf62e0ef9ecf5c9cb699a075332edce245d7927d
SHA256: 0be5391025a89043913a6ac582b4d48ed581943e4c359f6b8a6c0333d9c938ed
SHA512: 9fdabe734894155c72a2028446ca9c52353d3cf96d6aa047ed5d3069d01c9f620a1ae7fbdbaa1b391fe3151a49e0c451756ca907134aab1cea9a73996b9d44f4

Signatures
suricata: ET MALWARE Win32/IcedID Request Cookie
Blocklisted process makes network request