General
-
Target
2024-07-30_820cd8086b660e552e5f7ee1f7eb35e5_floxif_icedid
-
Size
6.4MB
-
Sample
240730-ayrjgatbre
-
MD5
820cd8086b660e552e5f7ee1f7eb35e5
-
SHA1
db82205175d8f4b06ca1aaf575898ce231eec4ae
-
SHA256
8d88192f24ddfc9324dfca7e8b5c0d2ee6818af4df1ae774a9608246fa532ac1
-
SHA512
e04cf14408eea9f349da44a3169ac2c359d7b67c576837389c176a2c70ce000afc9be6003d7b10d3f672ce478b5e7ef8f9fa34aec467cb796621e2f03a00bdb4
-
SSDEEP
98304:7acgWC6MbNe3tx5O4ZNpLXp33EBqMUBB2Z6YfCuB0iSwgqdN5GAp:KlpIx5O2NpTSBGT46YfCuB0bwfN5GAp
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-30_820cd8086b660e552e5f7ee1f7eb35e5_floxif_icedid.exe
Resource
win7-20240708-en
Malware Config
Targets
-
-
Target
2024-07-30_820cd8086b660e552e5f7ee1f7eb35e5_floxif_icedid
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Executes dropped EXE
-
Loads dropped DLL
-
Checks installed software on the system
Looks up Uninstall key entries in the registry to enumerate software on the system.
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-