Overview

overview

8

Static

static

3

2024-05-23...id.exe

windows7-x64

8

2024-05-23...id.exe

windows10-2004-x64

8

Sharing

Copy URL
Twitter E-mail

General

  • Target

    2024-05-23_efe125fd9b66c6bf045d394f53e9d2c9_icedid

  • Size

    9.9MB

  • Sample

    240523-bcehfsfh26

  • MD5

    efe125fd9b66c6bf045d394f53e9d2c9

  • SHA1

    ba4cb8cdbcdba73105129b989b82b27e8118d566

  • SHA256

    5b6278c43813954ea85a7fd4ab85e90f0f4d8e5422c50e03aac055a6df3fea48

  • SHA512

    6c55bc87513c87af8f1f453779eefd51cb32afc9d92baf15f29d0b8f77b9b52e2fbf8605f2e7dee1fecd57dc04f39c819e82cfb4db38d67e275ec21e28aaf457

  • SSDEEP

    98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yE:AiewflwfAh+wfE

Score
8/10
persistenceransomware

Malware Config

Targets

    • Target

      2024-05-23_efe125fd9b66c6bf045d394f53e9d2c9_icedid

    • Size

      9.9MB

    • MD5

      efe125fd9b66c6bf045d394f53e9d2c9

    • SHA1

      ba4cb8cdbcdba73105129b989b82b27e8118d566

    • SHA256

      5b6278c43813954ea85a7fd4ab85e90f0f4d8e5422c50e03aac055a6df3fea48

    • SHA512

      6c55bc87513c87af8f1f453779eefd51cb32afc9d92baf15f29d0b8f77b9b52e2fbf8605f2e7dee1fecd57dc04f39c819e82cfb4db38d67e275ec21e28aaf457

    • SSDEEP

      98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yE:AiewflwfAh+wfE

    Score
    8/10
    persistenceransomware

    • Drops file in Drivers directory

    • Adds Run key to start application

      persistence

    • Sets desktop wallpaper using registry

      ransomware
    behavioral1behavioral2

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Privilege Escalation

Boot or Logon Autostart Execution

1
T1547

Registry Run Keys / Startup Folder

1
T1547.001

Defense Evasion

Modify Registry

2
T1112

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Defacement

1
T1491

Resource Development

Reconnaissance

Tasks