Overview

overview

10

Static

static

10

926ba0e103...96.exe

windows7_x64

10

926ba0e103...96.exe

windows10-2004_x64

10

Sharing

Copy URL
Twitter E-mail

General

  • Target

    926ba0e1031bcc982a6a7280b5b41616a245c7d94829c1d362d6585320bbb496.zip

  • Size

    145KB

  • Sample

    220630-slg4dadhe8

  • MD5

    e5d4317656bffdb6333215df8361a541

  • SHA1

    872b76595dba8e6bb21c166e208b8e58e6787991

  • SHA256

    060fadd3d3457e00c562d2cd3810ee1b8ce96bbb5550006468270ea45bb7b7c3

  • SHA512

    3e168e3e2cc55d6068b4db60b12bad74d65b9a0e20020f7025e40ac286de573f3060e09749e626fe9fb287d041eba2139a7a84ca221771be1d9d19eb7326d4eb

Score
10/10
icexloaderloaderpersistence

Malware Config

Targets

    • Target

      926ba0e1031bcc982a6a7280b5b41616a245c7d94829c1d362d6585320bbb496

    • Size

      347KB

    • MD5

      f215f4d6043bc0c81d8beafcce0aabb2

    • SHA1

      7168feb0237b8cc9a49dd53d7a6b4e26b7037e66

    • SHA256

      926ba0e1031bcc982a6a7280b5b41616a245c7d94829c1d362d6585320bbb496

    • SHA512

      cea505712e00e926e1fe98cd6b67d064ff2871d785267ecbd2c3367e6cbc09c494e5b763030636dca4d1f7f0a0fe50dbe9f85ef1b21021f7220b2c56a2177bf6

    Score
    10/10
    icexloaderloaderpersistence

    • Detects IceXLoader v3.0

    • icexloader

      IceXLoader is a downloader used to deliver other malware families.

      loadericexloader

    • Executes dropped EXE

    • Deletes itself

    • Drops startup file

    • Loads dropped DLL

    • Adds Run key to start application

      persistence
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Registry Run Keys / Startup Folder

1
T1060

Privilege Escalation

Defense Evasion

Modify Registry

1
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Tasks