1ba3d58da43bee1668eb978f2a764eaa127bc8c59334ffac3220da0dd4294945 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-08-29_cf2c61104514e606b63a30a6f6ef1ea5_hacktools_icedid
Size

2.5MB
Sample

240829-wryj4athkc
MD5

cf2c61104514e606b63a30a6f6ef1ea5
SHA1

afc094bd8dc4c53cfd3e59a5af04781033b7ede3
SHA256

1ba3d58da43bee1668eb978f2a764eaa127bc8c59334ffac3220da0dd4294945
SHA512

62bb81096c34f2d974ecf93dd6524f6898e3946922c75c7838248a65b8e18ae960489d7826d19f91f33927edc0f542eef42d9c4f01051cf532ffc48bd4ee8bcb
SSDEEP

49152:XmvdgqxpQzgXQ3TooLeYN/yKiZ3pWBST1W5KiZBP:IZpQzgXgkoLpN/yKO8OW5KOB

Score

7^/10

discovery persistence privilege_escalation

Malware Config

Targets

- Target
  
  2024-08-29_cf2c61104514e606b63a30a6f6ef1ea5_hacktools_icedid
- Size
  
  2.5MB
- MD5
  
  cf2c61104514e606b63a30a6f6ef1ea5
- SHA1
  
  afc094bd8dc4c53cfd3e59a5af04781033b7ede3
- SHA256
  
  1ba3d58da43bee1668eb978f2a764eaa127bc8c59334ffac3220da0dd4294945
- SHA512
  
  62bb81096c34f2d974ecf93dd6524f6898e3946922c75c7838248a65b8e18ae960489d7826d19f91f33927edc0f542eef42d9c4f01051cf532ffc48bd4ee8bcb
- SSDEEP
  
  49152:XmvdgqxpQzgXQ3TooLeYN/yKiZ3pWBST1W5KiZBP:IZpQzgXgkoLpN/yKO8OW5KOB
Score

7^/10

discovery persistence privilege_escalation
- Executes dropped EXE
- Loads dropped DLL
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Event Triggered Execution

Netsh Helper DLL

Privilege Escalation

Event Triggered Execution

Netsh Helper DLL

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

discoverypersistenceprivilege_escalation

behavioral2

discoverypersistenceprivilege_escalation