93b0bda1c86aacbf94300e66206d104cc1a7df70ec71bc217d63c1ab6a3c9c19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-04-16_0f3185cfacdee33bc381c0cdd92c7972_icedid
Size

3.3MB
Sample

240416-tdjsnsff9v
MD5

0f3185cfacdee33bc381c0cdd92c7972
SHA1

9d487fb0e2498a3cdef7a71a888d58518b0f11ed
SHA256

93b0bda1c86aacbf94300e66206d104cc1a7df70ec71bc217d63c1ab6a3c9c19
SHA512

77409ffd5622211c18baf76869bc1262e7bf1d4b9d30b02ccb755ef6eaf813b521d6f3a503b3c930e79532b2ae0c2f2bb2eb0f87c57d4ba2741daccff95aa55f
SSDEEP

98304:CmJi+eglbtDVG4exFK/USjlOc4KgDE62KFjI:ClIbtAulO2gD2KFjI

Score

10^/10

evasion persistence

Malware Config

Targets

- Target
  
  2024-04-16_0f3185cfacdee33bc381c0cdd92c7972_icedid
- Size
  
  3.3MB
- MD5
  
  0f3185cfacdee33bc381c0cdd92c7972
- SHA1
  
  9d487fb0e2498a3cdef7a71a888d58518b0f11ed
- SHA256
  
  93b0bda1c86aacbf94300e66206d104cc1a7df70ec71bc217d63c1ab6a3c9c19
- SHA512
  
  77409ffd5622211c18baf76869bc1262e7bf1d4b9d30b02ccb755ef6eaf813b521d6f3a503b3c930e79532b2ae0c2f2bb2eb0f87c57d4ba2741daccff95aa55f
- SSDEEP
  
  98304:CmJi+eglbtDVG4exFK/USjlOc4KgDE62KFjI:ClIbtAulO2gD2KFjI
Score

10^/10

evasion persistence
- Modifies WinLogon for persistence
  persistence
- Modifies visiblity of hidden/system files in Explorer
  evasion
- Executes dropped EXE
- Loads dropped DLL
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Winlogon Helper DLL

Privilege Escalation

Boot or Logon Autostart Execution

Winlogon Helper DLL

Defense Evasion

Hide Artifacts

Hidden Files and Directories

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

evasionpersistence

behavioral2

evasionpersistence