General
Target: 2024-04-18_e3fe3dec24ce5b9d25742e8ccb1d118b_icedid
Size: 4.3MB
Sample: 240418-xzgrzsdf5w
MD5: e3fe3dec24ce5b9d25742e8ccb1d118b
SHA1: fac84e8874b9cd779257f80cc12b87ad35853d9a
SHA256: 6cce3352f7e8414a59974e7cf8b90039dc699207127c5ef35cc9da21011e7c9a
SHA512: 60ee14fcc5f0abbb7b704601bf98894142dca9bb2419f44625a9451ab2521f6d1715bcc18a1b198d1faafc82999793b5d508911c7cbec5b00657670b839758d9
SSDEEP: 49152:vQZAdVyVT9n/Gg0P+WhoHCKFBY+LoY2G/uW16js/+EoETONa4O8b8ITDnl/hFx+y:IGdVyVT9nOgmhxoY+LoYLVWE+EoEq
Static task: static1
Behavioral task: behavioral1
Sample: 2024-04-18_e3fe3dec24ce5b9d25742e8ccb1d118b_icedid.exe
Resource: win7-20240215-en
Malware Config
Targets
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory