0623ecea6152255e7138ec268afda385cc32d1fba64b41ad1a13a629f462346d | Triage

Sharing

General

Target

2024-04-11_392bfd765448b6b66591db5c3e7ae529_icedid
Size

20.4MB
Sample

240411-nl39dsae57
MD5

392bfd765448b6b66591db5c3e7ae529
SHA1

352deb85ba8855d2f063c010433c9a8dc0f937f1
SHA256

0623ecea6152255e7138ec268afda385cc32d1fba64b41ad1a13a629f462346d
SHA512

89e66a51798562dbafe9317add260c712257d9fcdcccbb5e650165695f3ca019869b879d2cc2ee978c188f22704e65a51979becf38379ca65aac3a362a10f683
SSDEEP

196608:gCcCcdHxOwfACcCcdHxOwf4vbrx/NsqXd2VBlfDDAGmsBU:wROAQROA2nbolfXYs+

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  2024-04-11_392bfd765448b6b66591db5c3e7ae529_icedid
- Size
  
  20.4MB
- MD5
  
  392bfd765448b6b66591db5c3e7ae529
- SHA1
  
  352deb85ba8855d2f063c010433c9a8dc0f937f1
- SHA256
  
  0623ecea6152255e7138ec268afda385cc32d1fba64b41ad1a13a629f462346d
- SHA512
  
  89e66a51798562dbafe9317add260c712257d9fcdcccbb5e650165695f3ca019869b879d2cc2ee978c188f22704e65a51979becf38379ca65aac3a362a10f683
- SSDEEP
  
  196608:gCcCcdHxOwfACcCcdHxOwf4vbrx/NsqXd2VBlfDDAGmsBU:wROAQROA2nbolfXYs+
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware