General
-
Target
2024-03-18_ad9dda641145cf742a514ff04f200181_icedid
-
Size
2.7MB
-
Sample
240318-nxk7ysfh67
-
MD5
ad9dda641145cf742a514ff04f200181
-
SHA1
790d364efc3e82cb7de0e2249e6aab56351de32f
-
SHA256
023b59945bb89faa48bd8fd1418c2aceb562dc123016e5680866e3e63d2d3308
-
SHA512
fabea2cc3a30c9d3a4c8932e9706bf55b8e953825f41d2c988ae8749645facb562c79d8031eb88a3724214a060e05543185dad21f5472ba7e1fb0a1ea6bc82b5
-
SSDEEP
24576:yCwsbKgbQ5NANIvGTYwMHXA+wT1kfTw4SIuvB74fgt7ibhRM5QhKehFdMtRj7nHL:yCwsbCANnKXferL7Vwe/Gg0P+WhoZr
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-18_ad9dda641145cf742a514ff04f200181_icedid.exe
Resource
win7-20231129-en
Malware Config
Targets
-
-
Target
2024-03-18_ad9dda641145cf742a514ff04f200181_icedid
-
Gh0st RAT payload
-
UPX dump on OEP (original entry point)
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-