General
-
Target
2024-04-22_6eb8586f90697dd4beb27e9015fc4189_icedid
-
Size
713KB
-
Sample
240422-yx8clafe93
-
MD5
6eb8586f90697dd4beb27e9015fc4189
-
SHA1
45e666c23e90dbf0fe01dff361a28a5aa83f741b
-
SHA256
39f34b538f8f8369e2f8b3e15e3f9063062bfa7215fba916dbaf8a288b9cc486
-
SHA512
3f53c0927bc1bdca716955cca02f2caa6563f5675117339df3658db9e47a8c2e6c2f729ee438ddaac0cc6e78f2306bcef19b86b589d74b73772a787a1c252783
-
SSDEEP
12288:yz7QybZgMX3OX2whdCzV8QPV26oeg5cnufS5DjLeD5xn9ENsOopT3luEaru:yzOnCzVV2QgGnuK5fMCN8T3luzr
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-22_6eb8586f90697dd4beb27e9015fc4189_icedid.exe
Resource
win7-20231129-en
Malware Config
Targets
-
Target
2024-04-22_6eb8586f90697dd4beb27e9015fc4189_icedid
-
Detects executables containing SQL queries to confidential data stores. Observed in infostealers.
-
Detects executables containing possible sandbox analysis VM usernames
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Drops file in System32 directory
-