General
-
Target
2024-03-22_2cd8d7d957cf3e7e5aed6869107cdffa_icedid
-
Size
4.0MB
-
Sample
240322-rvl81scf47
-
MD5
2cd8d7d957cf3e7e5aed6869107cdffa
-
SHA1
2444b822008b71b4856877f808863bc2b3b0d007
-
SHA256
912570025c750b760e0260407406df9bd3803f1e1caa8ffda843ab25babeff6d
-
SHA512
060df6538a6545118b21e018f44434238fad28862e088fde2692a32dc191f657818f682d35935c57798c4fcc0db3cc49a10b104cc55f4221e91648a2f622ee1f
-
SSDEEP
49152:jsy+7QNG6E3IWHPkVOBTKTo+tPZz4TTDWGCXQUi82RzdIM0:vmQNG6E3IzO0To+tPZz4THWG6/h24M0
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-22_2cd8d7d957cf3e7e5aed6869107cdffa_icedid.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-03-22_2cd8d7d957cf3e7e5aed6869107cdffa_icedid
-
Size
4.0MB
-
MD5
2cd8d7d957cf3e7e5aed6869107cdffa
-
SHA1
2444b822008b71b4856877f808863bc2b3b0d007
-
SHA256
912570025c750b760e0260407406df9bd3803f1e1caa8ffda843ab25babeff6d
-
SHA512
060df6538a6545118b21e018f44434238fad28862e088fde2692a32dc191f657818f682d35935c57798c4fcc0db3cc49a10b104cc55f4221e91648a2f622ee1f
-
SSDEEP
49152:jsy+7QNG6E3IWHPkVOBTKTo+tPZz4TTDWGCXQUi82RzdIM0:vmQNG6E3IzO0To+tPZz4THWG6/h24M0
-
Gh0st RAT payload
-
Detects executables calling ClearMyTracksByProcess
-
Drops file in Drivers directory
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-