General
- Target: 2024-05-29_c96242c5b4ed03a7f154e824119c2848_icedid
- Size: 4.3MB
- Sample: 240529-jecewafh89
- MD5: c96242c5b4ed03a7f154e824119c2848
- SHA1: 7cc00ae44b32e7294bb206f06a38ebe16febd965
- SHA256: 0579352a87ff035067c25c9e6fa490673dfa94da80a3562a94f7ce7735248c1b
- SHA512: a25e103fb17ec285255e09d851bc85d4f9787220e761625bb8d0a2386ca62d00dcbf6fe489b969b7af2e173b3dab3bdbc0f97e28f3e30ad2c37001755dec06ce
- SSDEEP: 49152:oQZAdVyVT9n/Gg0P+WhodJKFBY+LoY2G/uW16js/+EoETONa4O8b8ITDnl/hFx+y:BGdVyVT9nOgmhcJoY+LoYLVWE+EoEq
- Static task: static1
- Behavioral task: behavioral1
- Sample: 2024-05-29_c96242c5b4ed03a7f154e824119c2848_icedid.exe
- Resource: win7-20240508-en
Malware Config
Targets
- Target: 2024-05-29_c96242c5b4ed03a7f154e824119c2848_icedid
- Gh0st RAT payload
- UPX dump on OEP (original entry point)
- Drops file in Drivers directory
- Sets DLL path for service in the registry
- Sets service image path in registry
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory