General

  • Target

    2024-08-24_d5ce24226a2f9acf41aa5a6cf6a1a056_darpapox_icedid_nymaim

  • Size

    3.8MB

  • Sample

    240824-s8kg1sxdkh

  • MD5

    d5ce24226a2f9acf41aa5a6cf6a1a056

  • SHA1

    15a19aa94d3501dd4458566f7878366786976625

  • SHA256

    5896f75ea7fb7519a783c658441e676f74153c587694136ccb4ac7c82eb45c4d

  • SHA512

    e557faf7ce6d7c6eea3e27327084c9b6882f8c52307e74475a7dda0a40c3dd8d4c6feca1a0955e0262d43f5bbdad75fd36148469f2866707186ea2300c4f5fe5

  • SSDEEP

    98304:1G5GmbnjId+XY8dVbDQ6a0ZNpylV6hxvWbrtUTrUHOc:UjnY8bQ6a0Z6lYx+NcIOc

Malware Config

Targets

    • Checks computer location settings

      Looks up country code configured in the registry, likely geofence.

    • Executes dropped EXE

    • Loads dropped DLL

    • Adds Run key to start application

    • Drops file in System32 directory

MITRE ATT&CK Enterprise v15

Tasks