General
Target: 2024-10-17_15cc7756eb6169a83ed450457f106158_floxif_icedid_sakula
Size: 2.5MB
Sample: 241017-a5gb3swekq
MD5: 15cc7756eb6169a83ed450457f106158
SHA1: d9c123e32a151a59554d434a125070ec20c7b601
SHA256: a4e6158aac2a9adb0ecf2a9b807cee39c031146d093fb8cfacc213f8e97f8140
SHA512: 64c642ddefd7c33b2526b36aab3e6f4e97531e8afc6b7edb5cf7894a43f042d9143563a145dac3fa2644828a4bc09b22ff01255d6d2c772ea7828116b1d11730
SSDEEP: 24576:83X3Vm1+VxrIAkkNmo4+KzdicorJLKrnBkx8hx8K7iypDf99gG1M0K+9NbSAw9FQ:2ztNAVuKlIO8yiyVf99gGK0K+bCg
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-17_15cc7756eb6169a83ed450457f106158_floxif_icedid_sakula.exe
Resource: win7-20240903-en
Malware Config
Targets
-
-
Target
2024-10-17_15cc7756eb6169a83ed450457f106158_floxif_icedid_sakula
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-