General
-
Target
2024-06-12_f5b15467c72c65efc691839eead2e0b8_darpapox_icedid_nymaim
-
Size
11.4MB
-
Sample
240612-y62leasfpj
-
MD5
f5b15467c72c65efc691839eead2e0b8
-
SHA1
7c6e667739b5422cddac7b2305ab8294368aa9d1
-
SHA256
c720c0ecec550783cf5047a1532fa200778d5a1a303f4445390d1b637d90fcf0
-
SHA512
efb53b7ef156fcf7d83b9f91842ce2f552a2263aaf70ed75b506ebe35b5877e3538439f0041fb4832eb30a584ffaef51d42125b2c9941770414e6276a90d82b0
-
SSDEEP
98304:2Sy3mKysr9uBx4WZTvyqL+R6ZiFLOAkGkzdnEVomFHKnPlMJ6hxvWbrtUTrUHO2/:2jB2AqL+RPFLOyomFHKnPlMsx+NcIO2
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-12_f5b15467c72c65efc691839eead2e0b8_darpapox_icedid_nymaim.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2024-06-12_f5b15467c72c65efc691839eead2e0b8_darpapox_icedid_nymaim.exe
Resource
win10v2004-20240508-en
Malware Config
Targets
-
Target
2024-06-12_f5b15467c72c65efc691839eead2e0b8_darpapox_icedid_nymaim
-
Score
7/10
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Executes dropped EXE
-
Loads dropped DLL
-
Adds Run key to start application
-
Drops file in System32 directory
-