General
-
Target
2024-03-18_607f39771833fabd36502af1a775ab13_icedid
-
Size
3.2MB
-
Sample
240318-nvz84afh25
-
MD5
607f39771833fabd36502af1a775ab13
-
SHA1
3e36620a3ab5f9c57900b8c1225b79cb6c4ffcd1
-
SHA256
11367196782104a98e94c3e4ba8363699ff6999ed3819c88a1bbfe9cb82bb641
-
SHA512
93664574f9f7666c62096d7fb7a32745ad4f2c2b892af918c76547a0c8bded48c71686e794bff63a48e77f991d9e92adc3f53bd02522efe104fcb9ce11b94b62
-
SSDEEP
49152:yCwsbCANnKXferL7Vwe/Gg0P+WhS1B1Ws427IWQwZ+2O:Vws2ANnKXOaeOgmhS1BIt27IFwZe
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-18_607f39771833fabd36502af1a775ab13_icedid.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
2024-03-18_607f39771833fabd36502af1a775ab13_icedid
-
Gh0st RAT payload
-
UPX dump on OEP (original entry point)
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-