4f9f61ba700b7408ff9b3bb9450ab487eee278a60b07f46df86334d8ce792ae9 | Triage

Sharing

General

Target

2024-04-16_c3c072d73d6461eece384d5942a88760_icedid
Size

2.0MB
Sample

240416-2wv8esgd41
MD5

c3c072d73d6461eece384d5942a88760
SHA1

e252ff4e3c94ddf10a5a31c06fe7784a34f17933
SHA256

4f9f61ba700b7408ff9b3bb9450ab487eee278a60b07f46df86334d8ce792ae9
SHA512

230af63617abb602516b8ecd02c440373efe8b9ead5adbd15004e6785904a460ab916c25c0777592780dba2bff1957dabd1b9c4d18c5cb61e3b968a251f71a67
SSDEEP

49152:lXSoepZbTChxKCnFnQXBbrtgb/iQvu0UHOaYmLS:lXSTpZ6hxvWbrtUTrUHO2O

Score

7^/10

persistence

Malware Config

Targets

- Target
  
  2024-04-16_c3c072d73d6461eece384d5942a88760_icedid
- Size
  
  2.0MB
- MD5
  
  c3c072d73d6461eece384d5942a88760
- SHA1
  
  e252ff4e3c94ddf10a5a31c06fe7784a34f17933
- SHA256
  
  4f9f61ba700b7408ff9b3bb9450ab487eee278a60b07f46df86334d8ce792ae9
- SHA512
  
  230af63617abb602516b8ecd02c440373efe8b9ead5adbd15004e6785904a460ab916c25c0777592780dba2bff1957dabd1b9c4d18c5cb61e3b968a251f71a67
- SSDEEP
  
  49152:lXSoepZbTChxKCnFnQXBbrtgb/iQvu0UHOaYmLS:lXSTpZ6hxvWbrtUTrUHO2O
Score

7^/10

persistence
- Checks computer location settings
  Looks up country code configured in the registry, likely geofence.
- Executes dropped EXE
- Loads dropped DLL
- Adds Run key to start application
  persistence
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2