General
-
Target
2024-04-27_f9ee9fe02da00f16269252466916c2c9_icedid
-
Size
1.5MB
-
Sample
240427-f2grbscg5v
-
MD5
f9ee9fe02da00f16269252466916c2c9
-
SHA1
ae3632e9c85a96355d41d67eb6b611ecd810c299
-
SHA256
9227f3d1c0c946021e24e7eca8cf06d7f116b6bfb0becf92faaf121ed3af6619
-
SHA512
6256c2c303927f3a5bea1ee683efb3eb4488e33cc0bb5fec84f89e20e2e6c28be77faa48119aeda5d6b911e21b688d136cc541bbb339ea2eeb1c4a9d6f963295
-
SSDEEP
24576:VOOWTr4MZzxczyVPVaJwJu9i5HtjnhAl49dJURTiBDLPvvS:/W7ZzxNJi9utj+K94wJPXS
Static task
static1
Behavioral task
behavioral1
Sample
2024-04-27_f9ee9fe02da00f16269252466916c2c9_icedid.exe
Resource
win7-20240221-en
Malware Config
Targets
-
-
Target
2024-04-27_f9ee9fe02da00f16269252466916c2c9_icedid
-
Size
1.5MB
-
MD5
f9ee9fe02da00f16269252466916c2c9
-
SHA1
ae3632e9c85a96355d41d67eb6b611ecd810c299
-
SHA256
9227f3d1c0c946021e24e7eca8cf06d7f116b6bfb0becf92faaf121ed3af6619
-
SHA512
6256c2c303927f3a5bea1ee683efb3eb4488e33cc0bb5fec84f89e20e2e6c28be77faa48119aeda5d6b911e21b688d136cc541bbb339ea2eeb1c4a9d6f963295
-
SSDEEP
24576:VOOWTr4MZzxczyVPVaJwJu9i5HtjnhAl49dJURTiBDLPvvS:/W7ZzxNJi9utj+K94wJPXS
-
Detect Blackmoon payload
-
UPX dump on OEP (original entry point)
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Drops file in System32 directory
-