Overview

overview

7

Static

static

3

2024-02-12...id.exe

windows7-x64

7

2024-02-12...id.exe

windows10-2004-x64

7

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-02-12_1cb325a5145779d7bec6393734488e1c_icedid

  • Size

    11.4MB

  • Sample

    240212-w1z5aaah5z

  • MD5

    1cb325a5145779d7bec6393734488e1c

  • SHA1

    c1bcf3b5f0f488d3ec645feeb8cd76388f819083

  • SHA256

    842c8b909ab6ee71dd6ec7978400a5dda5ae53260e166a62d466a0cf946993f9

  • SHA512

    deb7074cbdf35e5aa743516d72cc358389f131c95e2618fece6921857bbeba8cddaf9272e646e8cf2ae49e9c98f59349a11364fe2c03dced41c9ccff76f152ba

  • SSDEEP

    98304:2Sy3mKysr9uBx4WZTvyqL+R6ZiFLOAkGkzdnEVomFHKnPlAZ6hxvWbrtUTrUHO2W:2jB2AqL+RPFLOyomFHKnPlAcx+NcIOl

Score
7/10
persistence

Malware Config

Targets

    • Target

      2024-02-12_1cb325a5145779d7bec6393734488e1c_icedid

    • Size

      11.4MB

    • MD5

      1cb325a5145779d7bec6393734488e1c

    • SHA1

      c1bcf3b5f0f488d3ec645feeb8cd76388f819083

    • SHA256

      842c8b909ab6ee71dd6ec7978400a5dda5ae53260e166a62d466a0cf946993f9

    • SHA512

      deb7074cbdf35e5aa743516d72cc358389f131c95e2618fece6921857bbeba8cddaf9272e646e8cf2ae49e9c98f59349a11364fe2c03dced41c9ccff76f152ba

    • SSDEEP

      98304:2Sy3mKysr9uBx4WZTvyqL+R6ZiFLOAkGkzdnEVomFHKnPlAZ6hxvWbrtUTrUHO2W:2jB2AqL+RPFLOyomFHKnPlAcx+NcIOl

    Score
    7/10
    persistence

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

      persistence

    • Drops file in System32 directory

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks