General
-
Target
2024-07-31_66bc565e7621f6c0d6acbf445883099a_floxif_icedid
-
Size
2.6MB
-
Sample
240731-a5rg2sxfkm
-
MD5
66bc565e7621f6c0d6acbf445883099a
-
SHA1
abebc1789896d7115432de795cabd4702f433445
-
SHA256
7a298ca4f440ef969e39cfee3b62244e17a7cb3dc942e856551fb9a8795dfea2
-
SHA512
f2202625e0ce248fc8ef688864b2bd12b0d2ebb0e4aa39e6f576615083e555cc22bffb80716a125579121cb8365e120ec76023ca176a17dd289b521e217df709
-
SSDEEP
24576:RpqzhKwykVFLvty85U+PzY0Ff5lAVElV7mTYSlNGaql80d6PSdTjo8ufJa/zfzk1:RpAhDFy+zWOgNvql80gQTWfJa/jzkjk+
Static task
static1
Behavioral task
behavioral1
Sample
2024-07-31_66bc565e7621f6c0d6acbf445883099a_floxif_icedid.exe
Resource
win7-20240704-en
Malware Config
Targets
-
-
Target
2024-07-31_66bc565e7621f6c0d6acbf445883099a_floxif_icedid
-
Detects Floxif payload
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-