General

Target: 2024-04-16_bce97b57128e19e263039cd714bf63ce_icedid
Size: 2.8MB
Sample: 240416-xlm2vahh35
MD5: bce97b57128e19e263039cd714bf63ce
SHA1: d1bb2d7f144e1eae410130043eb78e4dae9e50b8
SHA256: 1d94c806d5372d5014b19d323e1e6b8eabdab0980c04be34364e53c7d8b9ba00
SHA512: 2ed0cc4c5a58c30ebc36791c30ad61237e3eec7c86d2e0c4ec12228c7db76d7f719643c286868d99d2fe9266441d54684ae0c438cba2bb4584d42f85f2ea11c9
SSDEEP: 49152:dCwsbCANnKXferL7Vwe/Gg0P+WhIymgo+Kc+eG6nQeVawAa:gws2ANnKXOaeOgmhIymbK+eG6nQ2B
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-16_bce97b57128e19e263039cd714bf63ce_icedid.exe
Resource: win7-20240221-en
Malware Config

Targets

Target: 2024-04-16_bce97b57128e19e263039cd714bf63ce_icedid (2.8MB; same MD5/SHA1/SHA256/SHA512/SSDEEP as listed under General above)
Signatures:
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
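Note that the signature list identifies the payload as Gh0st RAT even though the file name carries an "icedid" tag; the behavioural signatures, not the name, are what to act on. Three of them (file dropped into the Drivers directory, service DLL path set in the registry, service image path set in the registry) together describe a classic Windows service-persistence pattern: a dropped DLL or EXE registered under HKLM\SYSTEM\CurrentControlSet\Services\<name>, either directly as ImagePath or as Parameters\ServiceDll for an svchost-hosted service. The following is an added detection example written for this page; it is not part of the Triage report and does not use any registry key, service name or file name actually extracted from this sample. It correlates constructed Sysmon-style FileCreate (Event ID 11) and RegistrySetValue (Event ID 13) records and flags a service whose ServiceDll or ImagePath points to a file the same event stream dropped, a ServiceDll placed in the drivers directory, or a user-mode EXE registered from there. The service names, paths and PIDs in SAMPLE_EVENTS are invented.

```python
"""Added detection example (not from the Triage report): flag service
persistence written through the registry, correlated with dropped files.

Input is a list of Sysmon-style event dicts. Two event kinds are used:
  id 11 = FileCreate       (target = path of the created file)
  id 13 = RegistrySetValue (target = registry path, details = value written)
"""
import re

# Constructed sample events. Service names, file names and PIDs are invented
# for the example and are NOT artifacts extracted from the sample above.
SAMPLE_EVENTS = [
    # pid 1337: the hypothetical dropper, writing into System32\drivers
    {"id": 11, "pid": 1337, "target": r"C:\Windows\System32\drivers\svchelp.dll"},
    {"id": 13, "pid": 1337,
     "target": r"HKLM\System\CurrentControlSet\Services\SvcHelp\Parameters\ServiceDll",
     "details": r"%SystemRoot%\System32\drivers\svchelp.dll"},
    {"id": 13, "pid": 1337,
     "target": r"HKLM\System\CurrentControlSet\Services\SvcHelp\ImagePath",
     "details": r"%SystemRoot%\System32\svchost.exe -k netsvcs"},
    {"id": 11, "pid": 1337, "target": r"C:\Windows\System32\drivers\netmon.exe"},
    {"id": 13, "pid": 1337,
     "target": r"HKLM\System\CurrentControlSet\Services\NetMon\ImagePath",
     "details": r'"C:\Windows\System32\drivers\netmon.exe" -svc'},
    # benign noise: Windows rewriting a built-in svchost-hosted service
    {"id": 13, "pid": 700,
     "target": r"HKLM\System\CurrentControlSet\Services\Wecsvc\Parameters\ServiceDll",
     "details": r"%SystemRoot%\system32\wecsvc.dll"},
    # benign noise: a third-party service living under Program Files
    {"id": 13, "pid": 2001,
     "target": r"HKLM\System\CurrentControlSet\Services\VendorAgent\ImagePath",
     "details": r'"C:\Program Files\Vendor\agent.exe"'},
]

# Matches the two service values that decide what code a service runs.
SERVICE_VALUE = re.compile(
    r"^HKLM\\SYSTEM\\(?:CurrentControlSet|ControlSet\d{3})\\Services\\([^\\]+)\\"
    r"(Parameters\\ServiceDll|ImagePath)$",
    re.IGNORECASE,
)
SYSTEM32 = "c:\\windows\\system32\\"
DRIVERS = SYSTEM32 + "drivers\\"


def first_path(value: str) -> str:
    """Return the executable/DLL path at the start of a service value
    (ImagePath may carry arguments). Unquoted paths are cut at the first
    space, which is fine for the System32 paths this example cares about."""
    s = value.strip()
    if s.startswith('"'):
        end = s.find('"', 1)
        return s[1:end] if end != -1 else s[1:]
    return s.split(" ", 1)[0]


def canonical(path: str) -> str:
    """Fold the spellings seen in service values onto one lowercase form:
    %SystemRoot%\\..., \\SystemRoot\\..., \\??\\C:\\..., bare system32\\..."""
    p = re.sub(r"^%systemroot%", r"C:\\Windows", path.strip(), flags=re.IGNORECASE)
    p = re.sub(r"^\\systemroot", r"C:\\Windows", p, flags=re.IGNORECASE)
    p = re.sub(r"^\\\?\?\\", "", p)
    if re.match(r"^system32\\", p, re.IGNORECASE):
        p = "C:\\Windows\\" + p
    return p.lower()


def normalize_value(value: str) -> str:
    """Canonical path of the binary named by an ImagePath/ServiceDll value."""
    return canonical(first_path(value))


def find_service_persistence(events):
    """Correlate dropped files with service ImagePath/ServiceDll writes."""
    dropped = {}   # canonical path -> pid that created it
    findings = []
    for ev in events:
        if ev["id"] == 11:
            dropped[canonical(ev["target"])] = ev["pid"]
            continue
        if ev["id"] != 13:
            continue
        m = SERVICE_VALUE.match(ev["target"])
        if not m:
            continue
        service, value_name = m.group(1), m.group(2).split("\\")[-1]
        path = normalize_value(ev["details"])
        reasons = []
        if path in dropped:
            reasons.append(f"points to file dropped by pid {dropped[path]}")
        if value_name.lower() == "servicedll":
            if not path.startswith(SYSTEM32):
                reasons.append("ServiceDll outside System32")
            elif path.startswith(DRIVERS):
                reasons.append("ServiceDll placed in drivers directory")
        elif path.startswith(DRIVERS) and path.endswith(".exe"):
            reasons.append("user-mode EXE registered from drivers directory")
        if reasons:
            findings.append({"service": service, "value": value_name,
                             "path": path, "pid": ev["pid"], "reasons": reasons})
    return findings


if __name__ == "__main__":
    for f in find_service_persistence(SAMPLE_EVENTS):
        print(f"{f['service']}\\{f['value']} -> {f['path']} (pid {f['pid']}): "
              + "; ".join(f["reasons"]))
```

On the constructed input this reports SvcHelp (ServiceDll dropped into the drivers directory) and NetMon (ImagePath pointing at a dropped EXE in the drivers directory) and stays quiet on the built-in Wecsvc and the Program Files service. A ServiceDll outside System32 is treated as suspicious because svchost-hosted DLLs almost always live there, whereas an ImagePath outside System32 is normal for third-party services and is only flagged when it points at a file the same stream dropped; a legitimate installer that drops its own service binary and registers it will match that rule too, so it should be triaged with the creating process's identity rather than acted on blindly.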