General
  Target: 2024-05-25_426b0a9cf588456c64a2005a11b7a02c_floxif_icedid
  Size: 3.2MB
  Sample: 240525-n14tgage98
  MD5: 426b0a9cf588456c64a2005a11b7a02c
  SHA1: 173919cd4ae0f94811748c86a65828f39f63e982
  SHA256: 2cdd0fad0b3320d3ae00f60a19089fc5fea6fdf136fbe6d1848a0fd70d78ac79
  SHA512: 601151482654bb109c4880b1ab2f235e8d385f8aecb93221990e7bd9dc478b58deb5e05a4d0601bf74e2fdb2b69cbb5957ddcd79cdfd659ba68be28b6f0b7927
  SSDEEP: 98304:vB4iQ3DmcmkVW96u4VUwzzPyt6fCXPpoBXc:vGiQ3D/VL2gDs
Static task
  static1

Behavioral task
  behavioral1
  Sample: 2024-05-25_426b0a9cf588456c64a2005a11b7a02c_floxif_icedid.exe
  Resource: win7-20240220-en

Behavioral task
  behavioral2
  Sample: 2024-05-25_426b0a9cf588456c64a2005a11b7a02c_floxif_icedid.exe
  Resource: win10v2004-20240508-en
Malware Config
  -

Targets
  Target: 2024-05-25_426b0a9cf588456c64a2005a11b7a02c_floxif_icedid
  (size and MD5/SHA1/SHA256/SHA512/SSDEEP values are identical to those listed under General above)
  Score: 9/10

  Signatures:
  - UPX dump on OEP (original entry point)
  - Modifies AppInit DLL entries
  - ACProtect 1.3x - 1.4x DLL software
    Detects file using ACProtect software.
  - Loads dropped DLL
  - Adds Run key to start application
  - Enumerates connected drives
    Attempts to read the root path of hard drives other than the default C: drive.
MITRE ATT&CK Enterprise v15
  Persistence
    Boot or Logon Autostart Execution (2)
      Registry Run Keys / Startup Folder (2)
    Browser Extensions (1)
  Privilege Escalation
    Boot or Logon Autostart Execution (2)
      Registry Run Keys / Startup Folder (2)