General
Target: 2024-10-17_edc233da84df0ff3e06ce73615149d5c_floxif_icedid
Size: 1.1MB
Sample: 241017-br8d3sxhkj
MD5: edc233da84df0ff3e06ce73615149d5c
SHA1: 9e03ee023a8f4b0a32e3835bf2eef65d8ba51228
SHA256: 76ce756e174ee90799c0218a75927b01e77a0f61c0313253ea1817778e102c6b
SHA512: c3c5ed38d107d1e0e50caa0b99640a1336216d83a2e7c31c211d30bab53794e739881cbd8d4596c40af3c0a4ada9e60a68660770bdbcc5b0c641e03d91a5b475
SSDEEP: 12288:rSQTYNP57JF0ogGHTi2/zb8K90B0jkQ4Bb57I19X2lB7KuR7BjvrEH7On:7TYNVPi27b8a0HBBbQGb+8BrEH7q
Static task: static1
Behavioral task: behavioral1
Sample: 2024-10-17_edc233da84df0ff3e06ce73615149d5c_floxif_icedid.exe
Resource: win7-20240903-en
Malware Config
Targets
-
-
Target
2024-10-17_edc233da84df0ff3e06ce73615149d5c_floxif_icedid
-
Detects Floxif payload
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-
Writes to the Master Boot Record (MBR)
Bootkits write to the MBR to gain persistence at a level below the operating system.
-