General

  • Target

    2024-03-10_297942cdaf9c3efc3968bab08b2a69ea_icedid

  • Size

    24.2MB

  • Sample

    240310-zg141sbh3s

  • MD5

    297942cdaf9c3efc3968bab08b2a69ea

  • SHA1

    ed32102f28e40674f308a74c9f00eb0908ab797a

  • SHA256

    09b1cb8d457625091e02d13c9f6323309a5652ed4e8b33eaf9c994ca9c849805

  • SHA512

    55e09b0d0da590cfd529ca0e6b1d084653cb5e96df8cf94ecd1d721f02d208b02391b89ad65b25c727218623627eaedead2df2611ff42a397b865b22fb57f53d

  • SSDEEP

    786432:cs+YdwaieOlOcPy3zGxzdXDkX5/ghmmdP/2aZFOnQh5Ts:cs5d/itGjGxx2/gcmYagQh5o

Score
10/10

Targets

    • Target

      2024-03-10_297942cdaf9c3efc3968bab08b2a69ea_icedid

    • AsyncRat

      AsyncRAT is a remote access tool written in C#, designed to remotely monitor and control other computers.

    • Async RAT payload

    • Detects executables attempting to enumerate video devices using WMI

    • Detects executables containing the string DcRatBy

    • Detects executables embedding base64-encoded APIs, command lines, registry keys, etc.

    • Executes dropped EXE

    • Loads dropped DLL
