36e6a1f197c62a3330757e175399b6fbc9495c86e9eb87409e26c82c0aa23162 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Sharing

General

Target

2023-08-26_4a2c67124c7dd305d0d41e7f6fc42abc_icedid_JC.exe
Size

4.8MB
Sample

230923-r6vdrsge9w
MD5

4a2c67124c7dd305d0d41e7f6fc42abc
SHA1

b3ca3a925efd23b95fd9686327b9425ca7ab45b7
SHA256

36e6a1f197c62a3330757e175399b6fbc9495c86e9eb87409e26c82c0aa23162
SHA512

9cfea90a22d5f20deb2d270118db5a98ca1474846dd073b4364a5902ddd78a4f185f54d6b3ab3cf2290a6854e429bd6f279b749b66fc0a29bcc092a199d17801
SSDEEP

98304:McKpqTDgyM4PHABsLxaBKHhpglgnavFyPyRbVK0+Gw5sPka1:rgyzHAaLxaUvglLbVK0+Gw5s8a1

Score

7^/10

bootkit persistence upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2023-08-26_4a2c67124c7dd305d0d41e7f6fc42abc_icedid_JC.exe

Resource

win7-20230831-en

bootkit persistence upx

windows7-x64

10 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-08-26_4a2c67124c7dd305d0d41e7f6fc42abc_icedid_JC.exe

Resource

win10v2004-20230915-en

bootkit persistence upx

windows10-2004-x64

9 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-08-26_4a2c67124c7dd305d0d41e7f6fc42abc_icedid_JC.exe
- Size
  
  4.8MB
- MD5
  
  4a2c67124c7dd305d0d41e7f6fc42abc
- SHA1
  
  b3ca3a925efd23b95fd9686327b9425ca7ab45b7
- SHA256
  
  36e6a1f197c62a3330757e175399b6fbc9495c86e9eb87409e26c82c0aa23162
- SHA512
  
  9cfea90a22d5f20deb2d270118db5a98ca1474846dd073b4364a5902ddd78a4f185f54d6b3ab3cf2290a6854e429bd6f279b749b66fc0a29bcc092a199d17801
- SSDEEP
  
  98304:McKpqTDgyM4PHABsLxaBKHhpglgnavFyPyRbVK0+Gw5sPka1:rgyzHAaLxaUvglLbVK0+Gw5s8a1
Score

7^/10

bootkit persistence upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
  bootkit persistence
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Pre-OS Boot

Bootkit

Privilege Escalation

Defense Evasion

Pre-OS Boot

Bootkit

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

bootkitpersistenceupx

behavioral2

bootkitpersistenceupx

© 2018-2025

Terms | Privacy