General

  • Target

    2024-05-28_59b7867b993f6a66891271a43964ee3c_icedid

  • Size

    16.8MB

  • Sample

    240528-azeajafh8t

  • MD5

    59b7867b993f6a66891271a43964ee3c

  • SHA1

    a33f1e7aa823e08fd39e2c052f6342b0cd8b61ed

  • SHA256

    3cea5fa48fe5f9d3e6e7e6249277dcbeef2f558bcee1395947070cf9425bcee1

  • SHA512

    112674a30d4552563688d037bff63c67650ebc2d06cbd6bda2672adc1fd93fdc85d2b5a004d286cab30900eda9e540b3af6d3545d5b57caba696c5ba5ccba0cd

  • SSDEEP

    393216:CvBGFZjC0mmzdHfXi1G5SnvOXqlMpgDpn2a+jsxIDiYC:O2pCFEfi1G502cMq9l9xIG9

Targets

    • UPX dump on OEP (original entry point)

    • ACProtect 1.3x - 1.4x DLL software

      Detects file using ACProtect software.

    • UPX packed file

      Detects executables packed with UPX/modified UPX open source packer.

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks