Overview

overview

9

Static

static

3

2024-02-11...id.exe

windows7-x64

7

2024-02-11...id.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-02-11_b991aadb4133eee7973fc82130916e47_icedid

  • Size

    1.4MB

  • Sample

    240211-yl5sbsda37

  • MD5

    b991aadb4133eee7973fc82130916e47

  • SHA1

    0370f7e2c28b71a127626ec8f532d743b3e16c0f

  • SHA256

    7ff2c7af15daeb75b29002cc82aac80553dc1c0b371599a2e2ca7f275dfbf86b

  • SHA512

    8f46217efe0d1f4fbbb660b6d9c76ce851ec2d292a02b95b51fd688dccbf2a1d0a7d22ca7d598fd38a844ebc31edd3669f50b7e7fb00f9e9bc6f26b06da3f186

  • SSDEEP

    24576:KtX2lmNdKdPGnuu9pq35biqjaNq8D5OIF9YULN9M:KtX2BdPGnuu9pa5mqjaMaHYUfM

Score
9/10
evasionspywarestealertrojan

Malware Config

Targets

    • Target

      2024-02-11_b991aadb4133eee7973fc82130916e47_icedid

    • Size

      1.4MB

    • MD5

      b991aadb4133eee7973fc82130916e47

    • SHA1

      0370f7e2c28b71a127626ec8f532d743b3e16c0f

    • SHA256

      7ff2c7af15daeb75b29002cc82aac80553dc1c0b371599a2e2ca7f275dfbf86b

    • SHA512

      8f46217efe0d1f4fbbb660b6d9c76ce851ec2d292a02b95b51fd688dccbf2a1d0a7d22ca7d598fd38a844ebc31edd3669f50b7e7fb00f9e9bc6f26b06da3f186

    • SSDEEP

      24576:KtX2lmNdKdPGnuu9pq35biqjaNq8D5OIF9YULN9M:KtX2BdPGnuu9pa5mqjaMaHYUfM

    Score
    9/10
    evasionspywarestealertrojan

    • Detects executables containing SQL queries to confidential data stores. Observed in infostealers

    • Detects executables containing possible sandbox analysis VM usernames

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials etc.

      spywarestealer

    • Checks whether UAC is enabled

      evasiontrojan

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks