General
-
Target
2024-03-26_314584e001680da33f9f2e08f1ebbdc4_icedid
-
Size
4.3MB
-
Sample
240326-nnc5zshb23
-
MD5
314584e001680da33f9f2e08f1ebbdc4
-
SHA1
2ae0d7d8747c641fa7ff82b7196cced858410996
-
SHA256
41da33b33d4d9ce118980d38e50d7c3be1caf21a3d75a512de7d91cef5d6bb35
-
SHA512
f7fb82d4c75cc607cf508b2a48cbd22cf78ee4ed1c92ed0aab1c29e96bf42e7d44fdac67df8ddacc2ad7e1a288a7d2ee0f72a1745851a30618800f92978f40f3
-
SSDEEP
98304:Aws2ANnKXOaeOgmhgR2YNTVqnPQuzrFH6qXHnIqhYY:WKXbeO7SRnNhqnZzrFaQHnWY
Static task
static1
Behavioral task
behavioral1
Sample
2024-03-26_314584e001680da33f9f2e08f1ebbdc4_icedid.exe
Resource
win7-20240220-en
Malware Config
Targets
-
-
Target
2024-03-26_314584e001680da33f9f2e08f1ebbdc4_icedid
-
Gh0st RAT payload
-
UPX dump on OEP (original entry point)
-
Drops file in Drivers directory
-
Sets DLL path for service in the registry
-
Sets service image path in registry
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-