General

Target: 2024-03-18_dba447255cfb41e208a64d7e3b6c3d48_icedid
Size: 3.0MB
Sample: 240318-p3qkashb67
MD5: dba447255cfb41e208a64d7e3b6c3d48
SHA1: 4adf147088243c775dcbb10a14baa10c9b2b34b2
SHA256: ca719b9b347fafa7d0229cd23bb99b14b09aff81a900a6e9b1c6cba498c686e2
SHA512: 1901b274b8e6c5c1d597ab2dd764511fcacc3ee4aa2f1065ab834e501193b6b228952817360e9ef6589a429fba679f9048f18edd57e5e53ec2e05935694c0f40
SSDEEP: 49152:yCwsbCANnKXferL7Vwe/Gg0P+WhaUasqcVh:Vws2ANnKXOaeOgmhaPFmh

Static task: static1
Behavioral task: behavioral1
Sample: 2024-03-18_dba447255cfb41e208a64d7e3b6c3d48_icedid.exe
Resource: win7-20240221-en
Malware Config
Targets

Target: 2024-03-18_dba447255cfb41e208a64d7e3b6c3d48_icedid
Size: 3.0MB
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Checks installed software on the system: looks up Uninstall key entries in the registry to enumerate software on the system.
- Drops file in System32 directory
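The following is an added example, not part of the Triage report or of the sample's own code. It turns two parts of the report into something runnable: the hash values from the General section become an IOC set a file can be checked against, and the behavioural signatures (file dropped into the Drivers directory, service ImagePath and ServiceDll written in the registry, dropped EXE/DLL then executed) become a correlation rule over Sysmon-style events (Event ID 11 FileCreate, Event ID 13 RegistryEvent SetValue). The event records, the dropper path and the service names wmisvcx and qmgrsvc are constructed for illustration; SSDEEP is left out because it needs a third-party library.

```python
"""Added triage helper for the report above (not part of the Triage report or the
sample). Part 1 matches a file's hashes against the report's IOCs; part 2 runs a
detection over Sysmon-style events for the behaviour the report flags: a file
dropped into System32\\drivers, and a service ImagePath/ServiceDll written to
point at a file the same trace just dropped. All event data is constructed."""
import hashlib
import re

# Hash IOCs copied from the report. SSDEEP is omitted: it needs the ssdeep library.
REPORT_HASHES = {
    "md5": "dba447255cfb41e208a64d7e3b6c3d48",
    "sha1": "4adf147088243c775dcbb10a14baa10c9b2b34b2",
    "sha256": "ca719b9b347fafa7d0229cd23bb99b14b09aff81a900a6e9b1c6cba498c686e2",
    "sha512": "1901b274b8e6c5c1d597ab2dd764511fcacc3ee4aa2f1065ab834e501193b6b22"
              "8952817360e9ef6589a429fba679f9048f18edd57e5e53ec2e05935694c0f40",
}


def compute_hashes(data: bytes) -> dict:
    """Digest one buffer with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def matching_algorithms(data: bytes, iocs: dict = REPORT_HASHES) -> set:
    """Return the algorithms whose digest of `data` equals the IOC value."""
    digests = compute_hashes(data)
    return {alg for alg, want in iocs.items() if digests.get(alg) == want.lower()}


WINDIR = r"c:\windows"
DRIVERS_DIR = WINDIR + r"\system32\drivers" + "\\"
# Registry values that decide what a service loads: ImagePath (EXE/driver) and
# Parameters\ServiceDll (svchost-hosted DLL).
SERVICE_VALUE = re.compile(
    r"^HKLM\\System\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\"
    r"(?P<svc>[^\\]+)\\(?P<value>ImagePath|Parameters\\ServiceDll)$", re.I)


def normalize_image(value: str) -> str:
    """Reduce a raw ImagePath/ServiceDll value to the lowercase path of its binary."""
    v = value.strip()
    if v.startswith('"'):                       # quoted path, arguments may follow
        v = v[1:].split('"', 1)[0]
    else:                                       # unquoted: keep up to the binary extension
        m = re.match(r"(.+?\.(?:exe|dll|sys))(?:\s|$)", v, re.I)
        if m:
            v = m.group(1)
    v = re.sub(r"^\\\?\?\\", "", v)             # strip the \??\ NT prefix
    v = re.sub(r"^(%systemroot%|%windir%|\\systemroot)\\",
               lambda _: WINDIR + "\\", v, flags=re.I)
    v = re.sub(r"^system32\\", lambda _: WINDIR + r"\system32" + "\\", v, flags=re.I)
    return v.lower()


def detect_service_persistence(events):
    """Correlate FileCreate (Sysmon 11) with service registry writes (Sysmon 13).

    Flags every file created under System32\\drivers, and every service whose
    ImagePath/ServiceDll resolves to a file created earlier in the same trace.
    """
    dropped = {}       # lowercase path -> image of the process that created it
    findings = []
    for ev in events:
        if ev["EventID"] == 11:
            path = ev["TargetFilename"].lower()
            dropped[path] = ev["Image"]
            if path.startswith(DRIVERS_DIR):
                findings.append(("file_in_drivers_dir", ev["Image"], path))
        elif ev["EventID"] == 13:
            m = SERVICE_VALUE.match(ev["TargetObject"])
            if not m:
                continue
            target = normalize_image(ev["Details"])
            if target in dropped:
                findings.append(("service_points_to_dropped_file", m["svc"], target))
    return findings


# Constructed events; the dropper path and service names are hypothetical.
DROPPER = r"C:\Users\victim\AppData\Local\Temp\sample.exe"
SAMPLE_EVENTS = [
    {"EventID": 11, "Image": DROPPER,
     "TargetFilename": r"C:\Windows\System32\drivers\qmgrsvc.sys"},
    {"EventID": 11, "Image": DROPPER,
     "TargetFilename": r"C:\Windows\System32\wmisvcx.dll"},
    {"EventID": 13, "Image": DROPPER,
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\wmisvcx\Parameters\ServiceDll",
     "Details": r"%SystemRoot%\System32\wmisvcx.dll"},
    {"EventID": 13, "Image": DROPPER,
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\qmgrsvc\ImagePath",
     "Details": r"\SystemRoot\System32\drivers\qmgrsvc.sys"},
    # benign noise: a genuine service value and an unrelated temp file
    {"EventID": 13, "Image": r"C:\Windows\System32\services.exe",
     "TargetObject": r"HKLM\System\CurrentControlSet\Services\W32Time\ImagePath",
     "Details": r'"C:\Windows\System32\svchost.exe" -k LocalService'},
    {"EventID": 11, "Image": r"C:\Windows\explorer.exe",
     "TargetFilename": r"C:\Users\victim\AppData\Local\Temp\notes.txt"},
]

if __name__ == "__main__":
    for finding in detect_service_persistence(SAMPLE_EVENTS):
        print(finding)
```

On a live host the same rule is fed from the Microsoft-Windows-Sysmon/Operational log; the correlation key is the normalized binary path, so a service that points at a pre-existing system file (the W32Time record above) produces nothing, while a service or driver pointing at a file the trace itself dropped is flagged regardless of whether the drop landed in System32 or in System32\drivers.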