98fa92e6fee2cebb86d96fb00f28864bb8ad2373f188ac3776d3802ba9c747be | Triage

Sharing

General

Target

2024-05-28_e3f20b44500294ef2590e1641aef580a_icedid
Size

10.0MB
Sample

240528-w86l2afd5y
MD5

e3f20b44500294ef2590e1641aef580a
SHA1

e4a3be03f4b233db7f4c26c6688832d006f17df8
SHA256

98fa92e6fee2cebb86d96fb00f28864bb8ad2373f188ac3776d3802ba9c747be
SHA512

c2b6d897f20221d554eb77e335983443ed59d3af7706c8c914c9adc0d9647fa286e5efdefbae17019281653d8ce5f1ff3bbc6f1e98644bc70c258da4df710268
SSDEEP

98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yEF:AiewflwfAh+wfEF

Score

8^/10

persistence ransomware

Malware Config

Targets

- Target
  
  2024-05-28_e3f20b44500294ef2590e1641aef580a_icedid
- Size
  
  10.0MB
- MD5
  
  e3f20b44500294ef2590e1641aef580a
- SHA1
  
  e4a3be03f4b233db7f4c26c6688832d006f17df8
- SHA256
  
  98fa92e6fee2cebb86d96fb00f28864bb8ad2373f188ac3776d3802ba9c747be
- SHA512
  
  c2b6d897f20221d554eb77e335983443ed59d3af7706c8c914c9adc0d9647fa286e5efdefbae17019281653d8ce5f1ff3bbc6f1e98644bc70c258da4df710268
- SSDEEP
  
  98304:3u5x6M1WopNhS9Yw8yPNhS9Yw8yuFhHZhANhS9Yw8yEF:AiewflwfAh+wfEF
Score

8^/10

persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

behavioral2

persistenceransomware