General
-
Target
2024-04-27_fd4dcaa68aad40970bd09cb6bbb6d463_icedid
-
Size
1.3MB
-
Sample
240427-f24k4aca66
-
MD5
fd4dcaa68aad40970bd09cb6bbb6d463
-
SHA1
528831a95b707ae185d97cf2855e63aa241623fc
-
SHA256
676494941a3d58b29f2c1c99a85ebb1ea01189eef4483c0a231da2c9074c522c
-
SHA512
dfc365186cd1bf6de6239eedaa42e5ef633faa88ea15b9f70711ada66a6aaacd5f33401912ab6797ffe445460298be416cf7469be9a3110403c8ca9a095816a0
-
SSDEEP
12288:WCrO3gDTN14MWUJzlzczyVaYQzoLGi5HwKQDI13gqx8pXyHC:WOOWTr4MZzxczyVyi5QXBW8Mi
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-27_fd4dcaa68aad40970bd09cb6bbb6d463_icedid.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-04-27_fd4dcaa68aad40970bd09cb6bbb6d463_icedid
-
Size
1.3MB
-
MD5
fd4dcaa68aad40970bd09cb6bbb6d463
-
SHA1
528831a95b707ae185d97cf2855e63aa241623fc
-
SHA256
676494941a3d58b29f2c1c99a85ebb1ea01189eef4483c0a231da2c9074c522c
-
SHA512
dfc365186cd1bf6de6239eedaa42e5ef633faa88ea15b9f70711ada66a6aaacd5f33401912ab6797ffe445460298be416cf7469be9a3110403c8ca9a095816a0
-
SSDEEP
12288:WCrO3gDTN14MWUJzlzczyVaYQzoLGi5HwKQDI13gqx8pXyHC:WOOWTr4MZzxczyVyi5QXBW8Mi
-
Detect Blackmoon payload
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-