General
Target: 2024-05-29_dea95c01bd90a9929973dd9b1fbafa73_icedid
Size: 4.2MB
Sample: 240529-jgchnafc5y
MD5: dea95c01bd90a9929973dd9b1fbafa73
SHA1: 72591310d5a4bf328dc69575a0ab6de8f3e79e65
SHA256: cd765019fe6a9d1edff28906a4000b4dbe7c3c049a7dea1d775eb5a7131fbf7a
SHA512: 5885b26120a8c4870c0de552bf33870388ccc4f6d08feec0e8c8099dbf840ba00fdeca569e658eae5873c05724155873bef2fdecf2a1d9be2fc9ab1107f87f15
SSDEEP: 49152:pQZAdVyVT9n/Gg0P+WhoGmigy13TW4jFCs2pfRdO8u60N1xcdd9gVIkdqfvEAkq/:6GdVyVT9nOgmhQ3Ts21i8WN1igVIf6O
Static task: static1
Behavioral task: behavioral1
Sample: 2024-05-29_dea95c01bd90a9929973dd9b1fbafa73_icedid.exe
Resource: win7-20240221-en
Malware Config
Targets
Gh0st RAT payload
UPX dump on OEP (original entry point)
Drops file in Drivers directory
Sets DLL path for service in the registry
Sets service image path in registry
Executes dropped EXE
Loads dropped DLL
Drops file in System32 directory