a9b09dfb017c804462231d4847010e51671d8862c657ae306c2588cb966f013c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-09_120b85d1fda704c6e35db52e04cef899_icedid
Size

9.9MB
Sample

240509-nhsngshf22
MD5

120b85d1fda704c6e35db52e04cef899
SHA1

aa0ba361619953d2e824ce3f3b39287da6ab6aab
SHA256

a9b09dfb017c804462231d4847010e51671d8862c657ae306c2588cb966f013c
SHA512

20f85e77e07a82324b2183135919210c736fa30057de7e9c8075e1bef6fb3dc966394714b4edd3a6a28e02465cc1d644c12dc7f7a715e23df5506b51998ffe19
SSDEEP

98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yEp:AiewflwfAh+wfEp

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  2024-05-09_120b85d1fda704c6e35db52e04cef899_icedid
- Size
  
  9.9MB
- MD5
  
  120b85d1fda704c6e35db52e04cef899
- SHA1
  
  aa0ba361619953d2e824ce3f3b39287da6ab6aab
- SHA256
  
  a9b09dfb017c804462231d4847010e51671d8862c657ae306c2588cb966f013c
- SHA512
  
  20f85e77e07a82324b2183135919210c736fa30057de7e9c8075e1bef6fb3dc966394714b4edd3a6a28e02465cc1d644c12dc7f7a715e23df5506b51998ffe19
- SSDEEP
  
  98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yEp:AiewflwfAh+wfEp
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware