General
Target: 2024-10-16_fea7bda1038f139cd51d66430a0e2eed_hacktools_icedid
Size: 2.0 MB
Sample: 241016-y5hf5svanp
MD5: fea7bda1038f139cd51d66430a0e2eed
SHA1: 332eec50535b21cb847498574a766b21a6d639b8
SHA256: cb2cf00879a12699c3a12483688318c2e1949a8276dd52d6ab38aede7c878fc7
SHA512: 9c0c2b6f209183439b6c0643abd7bc472180246dfcf4da6343ed1f63b9503db8b6ad8b6218ac48d23b8c1cb71dd5088beeb0ece04e32796780289902a8471d41
SSDEEP: 24576:PSH25PwcN2jx23LdZNtWFKVKIdaY5VFt1LuqJhDqGFeyUQPurCD8JYjSK5EC3:PlDoOTNtGKoIvfuRVy/Pur2Mg3
Behavioral task
behavioral1
Sample: 2024-10-16_fea7bda1038f139cd51d66430a0e2eed_hacktools_icedid.exe
Resource: win7-20240903-en
Malware Config
Targets
Target: 2024-10-16_fea7bda1038f139cd51d66430a0e2eed_hacktools_icedid
- Detect Blackmoon payload
- Checks computer location settings: looks up the country code configured in the registry, likely a geofence check.
- Deletes itself
- Drops startup file
- Executes dropped EXE
- Loads dropped DLL
- Writes to the Master Boot Record (MBR): bootkits write to the MBR to gain persistence at a level below the operating system.
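The MBR-write signature above is the one a responder would want to verify on disk rather than trust from a sandbox hit. The following is an added example, not part of the sandbox report and not code from the sample or the sandbox vendor: it parses a raw 512-byte sector 0 image and reports the tampering indicators a bootkit leaves in it (bootstrap code that no longer matches a known-good baseline, a missing 0x55AA signature, an implausible partition table). The two sector images and the baseline hash are constructed in the script for demonstration; in practice the baseline comes from a clean install of the same OS build or a pre-infection image, because legitimate bootstrap code differs between Windows versions.

```python
"""Triage a raw MBR (sector 0) for bootkit-style tampering.

Added example with constructed data; the sector images below are not from the
analysed sample, and the baseline hash is computed from the constructed sector.
"""
import hashlib
import struct

SECTOR_SIZE = 512
BOOT_CODE_END = 440      # bytes 0..439: bootstrap code run by the BIOS
DISK_SIG_OFF = 440       # 4-byte disk signature followed by 2 reserved bytes
PART_TABLE_OFF = 446     # four 16-byte partition entries
BOOT_SIG_OFF = 510       # 2-byte boot signature, must be 55 AA


def parse_partitions(mbr):
    """Return the non-empty partition entries of an MBR as dicts."""
    parts = []
    for i in range(4):
        off = PART_TABLE_OFF + 16 * i
        status, _chs_start, ptype, _chs_end, lba_start, sectors = struct.unpack(
            "<B3sB3sII", mbr[off:off + 16])
        if ptype == 0:          # type 0x00 marks an unused slot
            continue
        parts.append({"index": i, "bootable": status == 0x80, "type": ptype,
                      "lba_start": lba_start, "sectors": sectors})
    return parts


def triage_mbr(mbr, baseline_bootcode_sha256):
    """Return a list of findings; an empty list means nothing suspicious."""
    if len(mbr) != SECTOR_SIZE:
        return [f"unexpected sector length {len(mbr)}, expected {SECTOR_SIZE}"]
    findings = []
    if mbr[BOOT_SIG_OFF:] != b"\x55\xaa":
        findings.append("missing 0x55AA boot signature")
    bootcode_hash = hashlib.sha256(mbr[:BOOT_CODE_END]).hexdigest()
    if bootcode_hash != baseline_bootcode_sha256:
        # Bootkits replace the bootstrap code so their loader runs before the OS.
        findings.append(f"bootstrap code differs from baseline (sha256 {bootcode_hash[:16]}...)")
    parts = parse_partitions(mbr)
    bootable = [p for p in parts if p["bootable"]]
    if len(bootable) != 1:
        findings.append(f"{len(bootable)} partitions flagged bootable, expected 1")
    for p in parts:
        if p["lba_start"] == 0 or p["sectors"] == 0:
            findings.append(f"partition {p['index']} has invalid geometry")
    ranges = sorted((p["lba_start"], p["lba_start"] + p["sectors"], p["index"]) for p in parts)
    for (_s1, e1, i1), (s2, _e2, i2) in zip(ranges, ranges[1:]):
        if s2 < e1:
            findings.append(f"partitions {i1} and {i2} overlap")
    return findings


def build_mbr(bootcode, partitions, disk_sig=b"\xa1\xb2\xc3\xd4"):
    """Assemble a 512-byte sector from constructed parts (test data, not a real disk)."""
    code = bootcode.ljust(BOOT_CODE_END, b"\x00")[:BOOT_CODE_END]
    table = b"".join(
        struct.pack("<B3sB3sII", status, b"\x00" * 3, ptype, b"\x00" * 3, lba, sectors)
        for status, ptype, lba, sectors in partitions)
    return code + disk_sig + b"\x00\x00" + table.ljust(64, b"\x00") + b"\x55\xaa"


# Constructed sectors: one bootable NTFS-typed partition at LBA 2048.
PARTITIONS = [(0x80, 0x07, 2048, 204800)]
BASELINE_MBR = build_mbr(b"\x33\xc0\x8e\xd0\xbc\x00\x7c" + b"\x90" * 400, PARTITIONS)
TAMPERED_MBR = build_mbr(b"\xea\x00\x7c\x00\x00" + b"\x41" * 200, PARTITIONS)
BASELINE_BOOTCODE_SHA256 = hashlib.sha256(BASELINE_MBR[:BOOT_CODE_END]).hexdigest()

if __name__ == "__main__":
    for name, image in (("baseline", BASELINE_MBR), ("tampered", TAMPERED_MBR)):
        print(name, triage_mbr(image, BASELINE_BOOTCODE_SHA256) or ["clean"])
```

On a real case, read sector 0 with a forensic imaging tool and feed the 512 bytes to triage_mbr. A clean partition table alongside modified bootstrap code is the typical bootkit picture, since the malware only needs to redirect execution and usually leaves the partitions intact; the original MBR is commonly stashed in a later sector, which this single-sector check cannot see, so follow a bootstrap mismatch with a scan of the sectors before the first partition.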