General
Target: 2024-03-18_6f94a12e611f86fe88d8a905cc8dd6c5_icedid
Size: 2.8MB
Sample: 240318-p1g55shg4s
MD5: 6f94a12e611f86fe88d8a905cc8dd6c5
SHA1: 56c8103ffe6b5c122a7cbbbddc8cfcd19df4b65e
SHA256: 4be01d25428e46f5b3dd16f6b6fb538e118b4f52daf7381f52eefad1097c3a8d
SHA512: f7ea7bf0aed8b58a50d04ae18c6128e62be0ae38b7e58813e4612326708826cd300011541d4d691968b08f37096cc7f5cb098c7e2a0fcd3e9980e0dc78c6fd7a
SSDEEP: 49152:yCwsbCANnKXferL7Vwe/Gg0P+WhuSflGEM:Vws2ANnKXOaeOgmh5fAEM
Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-18_6f94a12e611f86fe88d8a905cc8dd6c5_icedid.exe
Resource: win7-20240215-en
Malware Config
Targets
Target: 2024-03-18_6f94a12e611f86fe88d8a905cc8dd6c5_icedid
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory