Overview

overview

9

Static

static

3

2024-04-20...mi.exe

windows7-x64

9

2024-04-20...mi.exe

windows10-2004-x64

9

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-04-20_33aeb3e9b867bcaf21ceb4ee04ae5a1d_icedid_wapomi

  • Size

    640KB

  • Sample

    240420-lc5dzsea4s

  • MD5

    33aeb3e9b867bcaf21ceb4ee04ae5a1d

  • SHA1

    058a52209b20fe6e3efe409f3e2ac1899a49ecd4

  • SHA256

    b597abcffa0585e465fd971633f41dfbb2e9bfb34752e3cf8d2f81bd0609b324

  • SHA512

    c3bfae0ac3207f8299f55ea6916dc9c46df37ef443d31dc209a20ce3cfd9c99e85165649906b35bcd7a2ae9526257e811d5282832fffb730aeb569867b243e96

  • SSDEEP

    12288:hJUvxKcxpJ6HL3D0jwiZcaKqqnfrjSZYqWP8Eq7tbgVv09smaM:U3xQDdiZcaKZYkq7tbg9

Score
9/10
aspackv2

Malware Config

Targets

    • Target

      2024-04-20_33aeb3e9b867bcaf21ceb4ee04ae5a1d_icedid_wapomi

    • Size

      640KB

    • MD5

      33aeb3e9b867bcaf21ceb4ee04ae5a1d

    • SHA1

      058a52209b20fe6e3efe409f3e2ac1899a49ecd4

    • SHA256

      b597abcffa0585e465fd971633f41dfbb2e9bfb34752e3cf8d2f81bd0609b324

    • SHA512

      c3bfae0ac3207f8299f55ea6916dc9c46df37ef443d31dc209a20ce3cfd9c99e85165649906b35bcd7a2ae9526257e811d5282832fffb730aeb569867b243e96

    • SSDEEP

      12288:hJUvxKcxpJ6HL3D0jwiZcaKqqnfrjSZYqWP8Eq7tbgVv09smaM:U3xQDdiZcaKZYkq7tbg9

    Score
    9/10
    aspackv2

    • Detects executables packed with ASPack

    • ASPack v2.12-2.42

      Detects executables packed with ASPack v2.12-2.42

      aspackv2

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

1
T1012

System Information Discovery

2
T1082

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks