3b57681504ccb9654a5fa3762367adfac7edda27478a63a7f01d9b32a44cd46f | Triage

Sharing

General

Target

5c094d9c9c1e5662dcc81bc036059685_icedid_JC.exe
Size

4.7MB
Sample

230804-s473hsdc6y
MD5

5c094d9c9c1e5662dcc81bc036059685
SHA1

151236e9db39d33f7eaa1c066145b3b20bd75497
SHA256

3b57681504ccb9654a5fa3762367adfac7edda27478a63a7f01d9b32a44cd46f
SHA512

70b47d9db2969fa2338f94ce68ce6f6a12dab026ab1257249a404d34eb92b2b664c2680cbe4ccf295681965a5855234f3ca2ea9a376c71b0bccddf1ef199f653
SSDEEP

98304:NT1KJwooLvw8RfSaCGpGSmYYO/DQrhMgR6hxvWbrtUTrUHO2bI:7/88RfUYYO/GUx+NcIOT

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  5c094d9c9c1e5662dcc81bc036059685_icedid_JC.exe
- Size
  
  4.7MB
- MD5
  
  5c094d9c9c1e5662dcc81bc036059685
- SHA1
  
  151236e9db39d33f7eaa1c066145b3b20bd75497
- SHA256
  
  3b57681504ccb9654a5fa3762367adfac7edda27478a63a7f01d9b32a44cd46f
- SHA512
  
  70b47d9db2969fa2338f94ce68ce6f6a12dab026ab1257249a404d34eb92b2b664c2680cbe4ccf295681965a5855234f3ca2ea9a376c71b0bccddf1ef199f653
- SSDEEP
  
  98304:NT1KJwooLvw8RfSaCGpGSmYYO/DQrhMgR6hxvWbrtUTrUHO2bI:7/88RfUYYO/GUx+NcIOT
Score

7^/10

persistence
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2