6795f3912d47769ffb39d713ef62ae77b39521197d738b59145a1e245e0c6cf8 | Triage

Sharing

General

Target

2024-08-26_2d499ba7fb093d29f703917052cbdba2_hacktools_icedid
Size

2.5MB
Sample

240826-a6p1lsvfnc
MD5

2d499ba7fb093d29f703917052cbdba2
SHA1

596f6b7c98356839210fb4ddf9deb55d1d71d65e
SHA256

6795f3912d47769ffb39d713ef62ae77b39521197d738b59145a1e245e0c6cf8
SHA512

ea6091bc0a96cb7e6537793f7a0b588b853ba4a1c2e0c86f9b560b8a571c07a19051fbb74b5e050b1766c2a3ecaa0bc865bf4944aa12b63b88d17a2f8ebb3c81
SSDEEP

49152:XmvdgqxpQzgXQ3TooLeYN/yKiZ3pWBST1W5KiZ/:IZpQzgXgkoLpN/yKO8OW5KO/

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  2024-08-26_2d499ba7fb093d29f703917052cbdba2_hacktools_icedid
- Size
  
  2.5MB
- MD5
  
  2d499ba7fb093d29f703917052cbdba2
- SHA1
  
  596f6b7c98356839210fb4ddf9deb55d1d71d65e
- SHA256
  
  6795f3912d47769ffb39d713ef62ae77b39521197d738b59145a1e245e0c6cf8
- SHA512
  
  ea6091bc0a96cb7e6537793f7a0b588b853ba4a1c2e0c86f9b560b8a571c07a19051fbb74b5e050b1766c2a3ecaa0bc865bf4944aa12b63b88d17a2f8ebb3c81
- SSDEEP
  
  49152:XmvdgqxpQzgXQ3TooLeYN/yKiZ3pWBST1W5KiZ/:IZpQzgXgkoLpN/yKO8OW5KO/
Score

7^/10

discovery persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation