2e19661613e60b1355daf01f23f62ca13096470761aa23e82b86afe637952521 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-10-13_9484f9082ac6398a23140bb79690acee_icedid
Size

19.2MB
Sample

241013-bwkhtawgkl
MD5

9484f9082ac6398a23140bb79690acee
SHA1

1ef37f958a2767fea7afaaa40e3336359bc9ebaa
SHA256

2e19661613e60b1355daf01f23f62ca13096470761aa23e82b86afe637952521
SHA512

417f952974132d4ca922044a75361cdaf49676bacaeecfe15920d9c831f4160dc6af22c5e4df0273442673d79c49e3a8798519462dcf78742ed3d43971aaee76
SSDEEP

196608:Ai8kLMwz5i8kLMwzlqhfXaZ+QdkZUO9N+e6qFFMrI7bGCcg:4kLMM1kLMMlea3k16ycI+

Score

8^/10

discovery persistence ransomware

Malware Config

Targets

- Target
  
  2024-10-13_9484f9082ac6398a23140bb79690acee_icedid
- Size
  
  19.2MB
- MD5
  
  9484f9082ac6398a23140bb79690acee
- SHA1
  
  1ef37f958a2767fea7afaaa40e3336359bc9ebaa
- SHA256
  
  2e19661613e60b1355daf01f23f62ca13096470761aa23e82b86afe637952521
- SHA512
  
  417f952974132d4ca922044a75361cdaf49676bacaeecfe15920d9c831f4160dc6af22c5e4df0273442673d79c49e3a8798519462dcf78742ed3d43971aaee76
- SSDEEP
  
  196608:Ai8kLMwz5i8kLMwzlqhfXaZ+QdkZUO9N+e6qFFMrI7bGCcg:4kLMM1kLMMlea3k16ycI+
Score

8^/10

discovery persistence ransomware
- Drops file in Drivers directory
- Adds Run key to start application
  persistence
- Sets desktop wallpaper using registry
  ransomware
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Privilege Escalation

Boot or Logon Autostart Execution

Registry Run Keys / Startup Folder

Defense Evasion

Modify Registry

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Defacement

Tasks

static1

behavioral1

discoverypersistence

behavioral2

discoverypersistenceransomware