General

  • Target

    2024-06-11_2bdb364100da230caa916a1d0b222196_darpapox_icedid_nymaim

  • Size

    6.5MB

  • Sample

    240611-lr2xeashql

  • MD5

    2bdb364100da230caa916a1d0b222196

  • SHA1

    2e238c7af2208a6c8fd389c8490d3c1505474ea0

  • SHA256

    85816af8c8d46738ba85f4fe659ed2ea746e6075764d1e618a6783483439efa4

  • SHA512

    af1767bbb8abeea7096f9df680ef094ee9da9919665e5230b279995591e43433759951917dd1063ad59a2a96def9778f54c83c87620354baf3f524d1b78b9d0a

  • SSDEEP

    98304:1CMiJsfhkdZ/4entZBidKU3f0EGGG7Ee9sRqLsehHfd/w6Ox6hxvWbrtUTrUHO2V:niJEk//RJUObLsehHfRwB0x+NcIOs
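
The digests above are the indicators a responder actually pivots on; the following script, an added example rather than tooling from the sandbox that produced this report, hashes a suspect file with all four listed algorithms in one pass and reports which ones agree with the report. The file path is supplied by the analyst and is an assumption; the test data in the block is constructed.

```python
"""Check a local file or byte buffer against the hashes listed in this report.

Added example for this page, not sandbox tooling. Only the REPORT_HASHES
values come from the report; everything else is illustrative.
"""
import hashlib
import sys
from typing import Dict

# Indicators copied from the report (lowercase hex, as the report prints them).
REPORT_HASHES: Dict[str, str] = {
    "md5": "2bdb364100da230caa916a1d0b222196",
    "sha1": "2e238c7af2208a6c8fd389c8490d3c1505474ea0",
    "sha256": "85816af8c8d46738ba85f4fe659ed2ea746e6075764d1e618a6783483439efa4",
    "sha512": "af1767bbb8abeea7096f9df680ef094ee9da9919665e5230b279995591e43433"
              "759951917dd1063ad59a2a96def9778f54c83c87620354baf3f524d1b78b9d0a",
}


def hash_bytes(data: bytes) -> Dict[str, str]:
    """Digest one in-memory buffer with every algorithm the report lists."""
    return {alg: hashlib.new(alg, data).hexdigest() for alg in REPORT_HASHES}


def hash_file(path: str, chunk_size: int = 1 << 20) -> Dict[str, str]:
    """Stream a file once, feeding all four digests per chunk.

    A 6.5 MB sample would fit in memory, but dropped payloads and memory
    dumps often do not, so read in chunks rather than with read().
    """
    digests = {alg: hashlib.new(alg) for alg in REPORT_HASHES}
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(chunk_size), b""):
            for digest in digests.values():
                digest.update(chunk)
    return {alg: d.hexdigest() for alg, d in digests.items()}


def match_iocs(computed: Dict[str, str],
               iocs: Dict[str, str] = REPORT_HASHES) -> Dict[str, bool]:
    """Per-algorithm verdict. Case is normalised so hashes pasted in
    uppercase from another vendor's report still compare correctly."""
    return {alg: computed.get(alg, "").lower() == iocs[alg].lower() for alg in iocs}


def is_known_sample(computed: Dict[str, str],
                    iocs: Dict[str, str] = REPORT_HASHES) -> bool:
    """True only when every listed digest agrees. An MD5-only hit is weak
    evidence because MD5 collisions are cheap; require the full set."""
    return all(match_iocs(computed, iocs).values())


if __name__ == "__main__":
    # Usage: python check_hashes.py <path-to-suspect-file>   (path is the analyst's input)
    verdict = match_iocs(hash_file(sys.argv[1]))
    for alg, ok in verdict.items():
        print(f"{alg:6s} {'MATCH' if ok else 'no match'}")
    print("known sample" if all(verdict.values()) else "not this sample")
```

Run it against a quarantined copy, never the live file on the victim host, and treat a partial match (for example MD5 agreeing while SHA-256 does not) as a sign of a tampered or truncated copy rather than a positive identification.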

Score
7/10

Targets

    • Target

      2024-06-11_2bdb364100da230caa916a1d0b222196_darpapox_icedid_nymaim

    • Size

      6.5MB

    • MD5

      2bdb364100da230caa916a1d0b222196

    • SHA1

      2e238c7af2208a6c8fd389c8490d3c1505474ea0

    • SHA256

      85816af8c8d46738ba85f4fe659ed2ea746e6075764d1e618a6783483439efa4

    • SHA512

      af1767bbb8abeea7096f9df680ef094ee9da9919665e5230b279995591e43433759951917dd1063ad59a2a96def9778f54c83c87620354baf3f524d1b78b9d0a

    • SSDEEP

      98304:1CMiJsfhkdZ/4entZBidKU3f0EGGG7Ee9sRqLsehHfd/w6Ox6hxvWbrtUTrUHO2V:niJEk//RJUObLsehHfRwB0x+NcIOs

    Score
    7/10

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory
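
The four behaviours above (dropped EXE executed, dropped DLL loaded, Run key added, file written to System32) are what an endpoint sensor can also see, so they translate directly into a correlation rule. The script below is an added example, not part of the report or of the sandbox, and runs over constructed Sysmon-style events (Event IDs 1, 7, 11 and 13); the paths, PIDs and SID are made up. The country-code lookup is deliberately absent: it is a registry read, and Sysmon only records registry writes (Event IDs 12, 13, 14), so that behaviour is visible to the sandbox's API tracing but not to this kind of telemetry.

```python
"""Correlate Sysmon-style events into the behaviours this report lists.

Added example for this page. EVENTS is constructed telemetry, not data from
the sandbox run; file names, PIDs and the SID are invented.
"""
import re
from typing import Any, Dict, List

RUN_KEY_RE = re.compile(
    r"\\Software\\Microsoft\\Windows\\CurrentVersion\\Run(Once)?\\", re.IGNORECASE)
SYSTEM32 = "c:\\windows\\system32\\"
WINDIR = "c:\\windows\\"

# Constructed sample telemetry. id 1 = ProcessCreate, 7 = ImageLoad,
# 11 = FileCreate, 13 = RegistryEvent (SetValue).
EVENTS: List[Dict[str, Any]] = [
    {"id": 1, "pid": 4100, "parent_pid": 900,
     "image": r"C:\Users\victim\Downloads\sample.exe"},
    {"id": 11, "pid": 4100, "target": r"C:\Windows\System32\helper32.dll"},
    {"id": 11, "pid": 4100, "target": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"id": 13, "pid": 4100,
     "target": r"HKU\S-1-5-21-1111111111-2222222222-3333333333-1001"
               r"\Software\Microsoft\Windows\CurrentVersion\Run\Updater",
     "details": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"id": 1, "pid": 4212, "parent_pid": 4100,
     "image": r"C:\Users\victim\AppData\Local\Temp\stage2.exe"},
    {"id": 7, "pid": 4212, "image_loaded": r"C:\Windows\System32\helper32.dll"},
    {"id": 7, "pid": 4212, "image_loaded": r"C:\Windows\System32\kernel32.dll"},
]


def norm(path: str) -> str:
    """NTFS paths are case-insensitive; compare everything lowercased."""
    return path.lower()


def analyze(events: List[Dict[str, Any]]) -> Dict[str, list]:
    """Return the report's behaviours found in a trace, keyed by signature name."""
    # pid -> image of the process, from ProcessCreate events.
    procs = {e["pid"]: norm(e["image"]) for e in events if e["id"] == 1}
    # Every file the trace itself created: the definition of "dropped".
    dropped = {norm(e["target"]) for e in events if e["id"] == 11}

    findings: Dict[str, list] = {
        "executes_dropped_exe": [], "loads_dropped_dll": [],
        "run_key": [], "system32_drop": [],
    }
    for e in events:
        if e["id"] == 1 and norm(e["image"]) in dropped:
            findings["executes_dropped_exe"].append(e["image"])
        elif e["id"] == 7 and norm(e["image_loaded"]) in dropped:
            # kernel32.dll is loaded too, but was never created in this trace.
            findings["loads_dropped_dll"].append(e["image_loaded"])
        elif e["id"] == 13 and RUN_KEY_RE.search(e["target"]):
            # Strongest signal when the Run value points at a file the trace created.
            findings["run_key"].append({
                "key": e["target"],
                "points_to_dropped": norm(e.get("details", "")) in dropped,
            })
        elif e["id"] == 11 and norm(e["target"]).startswith(SYSTEM32):
            # Windows' own components write to System32 constantly; only flag
            # writers whose image lives outside C:\Windows.
            writer = procs.get(e["pid"], "")
            if not writer.startswith(WINDIR):
                findings["system32_drop"].append(e["target"])
    return findings


def matches_report_profile(findings: Dict[str, list]) -> bool:
    """True when all four behaviours the report lists occur in one trace."""
    return all(findings[k] for k in findings)


if __name__ == "__main__":
    result = analyze(EVENTS)
    for name, hits in result.items():
        print(f"{name:22s} {hits}")
    print("profile match:", matches_report_profile(result))
```

Correlating on "file the trace created" rather than on fixed filenames is the point: the dropped names change per build, while the relationship between FileCreate and the later ProcessCreate or ImageLoad does not.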

MITRE ATT&CK Enterprise v15
