General

  • Target

    2024-04-19_dcdc5658c11b9103a4786a35b7459f0e_icedid

  • Size

    1.5MB

  • Sample

    240419-zwawdagc6s

  • MD5

    dcdc5658c11b9103a4786a35b7459f0e

  • SHA1

    911c5f2ff1096b7fe3d1f3060bdffd801a777e29

  • SHA256

    d87ae762b88946480a52feb99559d8195af163efcbcd605e0f05c43a4892fb07

  • SHA512

    acc3099b2a108996acc0988fe5b20414f41a6b82f789e87c589d20f32226a2f0e93f53c4a8a3229a9fd1756e71c3cdeb577c35f3309a59a9555129e8f7b2eb54

  • SSDEEP

    24576:9d8fS1xamM7uH3KHSEmoK+MtENLMieNmYvXE:9GfUamM7uH3KH7moK+MtENLd4mIXE

Malware Config

Targets

    • Target

      2024-04-19_dcdc5658c11b9103a4786a35b7459f0e_icedid

    • Size

      1.5MB

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Reads user/profile data of web browsers

      Infostealers often target stored browser data, which can include saved credentials, cookies and similar profile data.

    • Checks whether UAC is enabled

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks