General
-
Target
2023-04-29_60213cbad7e507c49ca664f4e78d19d1_icedid
-
Size
543KB
-
Sample
230504-ttcz3adf84
-
MD5
60213cbad7e507c49ca664f4e78d19d1
-
SHA1
64497519d87d7a13c6c976155e23c13168586995
-
SHA256
c59d217790d5c49529a696e361981e95225b36d457e77ea3bb0776e6c1e39442
-
SHA512
8b8ff11db4c4b63cfef481d5b8c196062214f74622edd7e9c1f6cb22f6328c7995cae5aadf7b4e1c2deb368efc1951e934b719d953b1e9167a98aeca2a40bbf2
-
SSDEEP
12288:Zx1Q61iHsXYvfVpMODDawkCurdEtttYC0am43OkynJ/yLz:ZXQUIsQpMsequrmGCQ43OPqv
Static task
static1
Behavioral task
behavioral1
Sample
2023-04-29_60213cbad7e507c49ca664f4e78d19d1_icedid.exe
Resource
win7-20230220-en
Malware Config
Targets
-
-
Target
2023-04-29_60213cbad7e507c49ca664f4e78d19d1_icedid
-
Trickbot x86 loader
Detected Trickbot's x86 loader that unpacks the x86 payload.
-
Checks computer location settings
Looks up the country code configured in the registry, likely for geofencing.
-
Executes dropped EXE
-
Loads dropped DLL
-