0b17037c872ad338e70bdec5593ef2d0af673bd8b1cac17adb51dc996a4083cc | Triage

Sharing

General

Target

2024-05-15_876eae7a13756dfb6df30099bf9569dc_icedid
Size

10.2MB
Sample

240515-y8v7eaad4x
MD5

876eae7a13756dfb6df30099bf9569dc
SHA1

cd7fb896bb30a2f77246fcb060121aacb65528da
SHA256

0b17037c872ad338e70bdec5593ef2d0af673bd8b1cac17adb51dc996a4083cc
SHA512

0ba53fb6ff2984d1ebb498da58f124d42b20aa6153412cbed8d20f1ed47f64dd1a7c20455f146a0275e14c1ef6da008b0ad993825a2b65c7e1421139564c201c
SSDEEP

98304:Xe5x6c1OwoCSG8kM8LNhS9Yw8OCe5x6c1OwoCSG8kM8LNhS9Yw8OV:wKCSL8RwzJKCSL8RwzV

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  2024-05-15_876eae7a13756dfb6df30099bf9569dc_icedid
- Size
  
  10.2MB
- MD5
  
  876eae7a13756dfb6df30099bf9569dc
- SHA1
  
  cd7fb896bb30a2f77246fcb060121aacb65528da
- SHA256
  
  0b17037c872ad338e70bdec5593ef2d0af673bd8b1cac17adb51dc996a4083cc
- SHA512
  
  0ba53fb6ff2984d1ebb498da58f124d42b20aa6153412cbed8d20f1ed47f64dd1a7c20455f146a0275e14c1ef6da008b0ad993825a2b65c7e1421139564c201c
- SSDEEP
  
  98304:Xe5x6c1OwoCSG8kM8LNhS9Yw8OCe5x6c1OwoCSG8kM8LNhS9Yw8OV:wKCSL8RwzJKCSL8RwzV
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware