Overview

overview

9

Static

static

3

2024-06-10...id.exe

windows7-x64

9

2024-06-10...id.exe

windows10-2004-x64

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    2024-06-10_b98fd82d30fb5972bedcfe490d82bf61_icedid

  • Size

    38.4MB

  • Sample

    240610-nyl6mshf6x

  • MD5

    b98fd82d30fb5972bedcfe490d82bf61

  • SHA1

    7a4e98c13d7fad348d408c7904c1c0c248803340

  • SHA256

    febf2ca4d433c5cf54c65aa7c7e09e1d2afc443bada2ff9773f7d8e5812e9f65

  • SHA512

    9400d5e3dd844a472dd991101ed63e6ef26fd665ed7f0cdebea1a3a3598aa138651aac651eebc63f8221c7a1290ea720668189b2c7247af62fe5ca4b58d649d3

  • SSDEEP

    786432:CejfTZH3PqRky+Ywd/mrVioPL4KhXXVVuVoB/SK2sv:fjbZXPImuU8EKV6C

Score
9/10
discovery

Malware Config

Targets

    • Target

      2024-06-10_b98fd82d30fb5972bedcfe490d82bf61_icedid

    • Size

      38.4MB

    • MD5

      b98fd82d30fb5972bedcfe490d82bf61

    • SHA1

      7a4e98c13d7fad348d408c7904c1c0c248803340

    • SHA256

      febf2ca4d433c5cf54c65aa7c7e09e1d2afc443bada2ff9773f7d8e5812e9f65

    • SHA512

      9400d5e3dd844a472dd991101ed63e6ef26fd665ed7f0cdebea1a3a3598aa138651aac651eebc63f8221c7a1290ea720668189b2c7247af62fe5ca4b58d649d3

    • SSDEEP

      786432:CejfTZH3PqRky+Ywd/mrVioPL4KhXXVVuVoB/SK2sv:fjbZXPImuU8EKV6C

    Score
    9/10
    discovery

    • UPX dump on OEP (original entry point)

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Blocklisted process makes network request

    • Checks installed software on the system

      Looks up Uninstall key entries in the registry to enumerate software on the system.

      discovery

    • Enumerates connected drives

      Attempts to read the root path of hard drives other than the default C: drive.

    • Drops file in System32 directory

    • Suspicious use of NtSetInformationThreadHideFromDebugger

    behavioral1behavioral2

MITRE ATT&CK Enterprise v15

Tasks