614c340cd7a488da3f1f3692beeb10ffa742fd13a751875e4e04db05bd648e75 | Triage

Submit
Reports

Overview

overview

7

Static

static

3

2023-08-26...JC.exe

windows7-x64

7

2023-08-26...JC.exe

windows10-2004-x64

7

Sharing

General

Target

2023-08-26_dc80b9ccf21ff0d1e24c3e8c12653b61_icedid_JC.exe
Size

3.6MB
Sample

231010-1n9keaff38
MD5

dc80b9ccf21ff0d1e24c3e8c12653b61
SHA1

0d6118232e19b92ae42c8c563262f71a94fce098
SHA256

614c340cd7a488da3f1f3692beeb10ffa742fd13a751875e4e04db05bd648e75
SHA512

9e0f4b33473162754a1af9f57605650222de74cbeb6805c6a03c2b3da350db50bb5089a17241d2f8dc08f7c1a8fd6313fd66bc333991d6881c9c06353bdbd357
SSDEEP

49152:DorhXKokLLBIu14IfKsIUHxPp0eMzAEAXv9f4y5vXgsSx4OE+omQJBLpFHTEGKHD:kBKoULRyyMzA/d4y7++JBLpFytB

Score

7^/10

upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

2023-08-26_dc80b9ccf21ff0d1e24c3e8c12653b61_icedid_JC.exe

Resource

win7-20230831-en

windows7-x64

16 signatures

150 seconds

Behavioral task

behavioral2

Sample

2023-08-26_dc80b9ccf21ff0d1e24c3e8c12653b61_icedid_JC.exe

Resource

win10v2004-20230915-en

windows10-2004-x64

18 signatures

150 seconds

Malware Config

Targets

- Target
  
  2023-08-26_dc80b9ccf21ff0d1e24c3e8c12653b61_icedid_JC.exe
- Size
  
  3.6MB
- MD5
  
  dc80b9ccf21ff0d1e24c3e8c12653b61
- SHA1
  
  0d6118232e19b92ae42c8c563262f71a94fce098
- SHA256
  
  614c340cd7a488da3f1f3692beeb10ffa742fd13a751875e4e04db05bd648e75
- SHA512
  
  9e0f4b33473162754a1af9f57605650222de74cbeb6805c6a03c2b3da350db50bb5089a17241d2f8dc08f7c1a8fd6313fd66bc333991d6881c9c06353bdbd357
- SSDEEP
  
  49152:DorhXKokLLBIu14IfKsIUHxPp0eMzAEAXv9f4y5vXgsSx4OE+omQJBLpFHTEGKHD:kBKoULRyyMzA/d4y7++JBLpFytB
Score

7^/10

upx
- ACProtect 1.3x - 1.4x DLL software
  Detects file using ACProtect software.
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- UPX packed file
  Detects executables packed with UPX/modified UPX open source packer.
  upx
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Persistence

Privilege Escalation

Defense Evasion

Modify Registry

Subvert Trust Controls

Install Root Certificate

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2

© 2018-2024

Terms | Privacy