General
Target: 2024-03-18_74efabe07bb9ace10cff8cf5830f8e22_icedid
Size: 3.2MB
Sample: 240318-p11mgshg5w
MD5: 74efabe07bb9ace10cff8cf5830f8e22
SHA1: 8912ff56d27413b81f238ac43e5fa26949dec702
SHA256: b178c629f74cb91d715d1bdbddd022bf2839715aa56435ea140de2b4e3ed126a
SHA512: 1b51817147c1816c605000be7b8b3ec3b5b14515113179044419fb6103886719ee53a56efa4f199f458d12dc30638244280bb5cf20cc1aa8a294b5d5f2a4cdca
SSDEEP: 49152:yCwsbCANnKXferL7Vwe/Gg0P+WhdRjvQoX0wiz:Vws2ANnKXOaeOgmhdRjY9

Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-18_74efabe07bb9ace10cff8cf5830f8e22_icedid.exe
Resource: win7-20231129-en
Malware Config
Targets
Target: 2024-03-18_74efabe07bb9ace10cff8cf5830f8e22_icedid
Signatures:
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system
  Looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory