General
- Target: 2024-05-29_69599f6b37fb75a88be6121cbdf8cfe8_icedid
- Size: 3.2MB
- Sample: 240529-fgnzxaba2x
- MD5: 69599f6b37fb75a88be6121cbdf8cfe8
- SHA1: c6538bd057e6de5059aaff542d053fbaf0b06671
- SHA256: 9b6605e129266a2c4d0c8658dd5d1861a910f7610ba4c5aa33c78644b7875e61
- SHA512: 4c7593dd79ea58b43c91de74d4e1272de8684915f5b9a61973d6e20b6dfbd9993d7e67aabfd03bb5c1118da86b4a5d5134e55f594e544c1522d97569aaa264ce
- SSDEEP: 49152:yCwsbCANnKXferL7Vwe/Gg0P+WhZ53LBfL+5DGC:Vws2ANnKXOaeOgmhZ1LBfsDd
Static task: static1
Behavioral task: behavioral1
- Sample: 2024-05-29_69599f6b37fb75a88be6121cbdf8cfe8_icedid.exe
- Resource: win7-20231129-en
Malware Config
Targets
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR)
  Bootkits write to the MBR to gain persistence at a level below the operating system.
- Drops file in System32 directory