1e42153407ae1f593b5ad9b9b043f95dfd30f773874fbd0741ad1e5b5af2c490 | Triage

Sharing

General

Target

2024-09-29_7c740ef443c7ed33df4b85479ee25408_icedid
Size

907KB
Sample

240929-d2e7dsyblk
MD5

7c740ef443c7ed33df4b85479ee25408
SHA1

1078462d6e5cbbc91a8c76a613599e7aba88902a
SHA256

1e42153407ae1f593b5ad9b9b043f95dfd30f773874fbd0741ad1e5b5af2c490
SHA512

7cefe2c71013068c5aaeb2ea2a61b6a847acb768244bd585f1fc7ea23ed3e517f19873fbf33fa7408c2443c6389b7e96887c23ee0a72d19379cd6f5e1fe3dba6
SSDEEP

12288:UKBbJ0pcx9iEZS1ixBIaHVCHqn3dBLuRvJTYcdMbGXhgY0Xdpk9pGHNu4B2UqpIm:LN0pcnRmixBgQwrYcdMbGXuXdbI4rYB

Score

7^/10

discovery

Malware Config

Targets

- Target
  
  2024-09-29_7c740ef443c7ed33df4b85479ee25408_icedid
- Size
  
  907KB
- MD5
  
  7c740ef443c7ed33df4b85479ee25408
- SHA1
  
  1078462d6e5cbbc91a8c76a613599e7aba88902a
- SHA256
  
  1e42153407ae1f593b5ad9b9b043f95dfd30f773874fbd0741ad1e5b5af2c490
- SHA512
  
  7cefe2c71013068c5aaeb2ea2a61b6a847acb768244bd585f1fc7ea23ed3e517f19873fbf33fa7408c2443c6389b7e96887c23ee0a72d19379cd6f5e1fe3dba6
- SSDEEP
  
  12288:UKBbJ0pcx9iEZS1ixBIaHVCHqn3dBLuRvJTYcdMbGXhgY0Xdpk9pGHNu4B2UqpIm:LN0pcnRmixBgQwrYcdMbGXuXdbI4rYB
Score

7^/10

discovery
- Executes dropped EXE
- Loads dropped DLL
- Enumerates connected drives
  Attempts to read the root path of hard drives other than the default C: drive.
- Drops autorun.inf file
  Malware can abuse Windows Autorun to spread further via attached volumes.
- Drops file in System32 directory
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Replication Through Removable Media

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Peripheral Device Discovery

Query Registry

System Information Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Replication Through Removable Media

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2