General
-
Target
2024-11-13_08bfcb7b2d9d752db8a85196c61f14fd_icedid
-
Size
16.6MB
-
Sample
241113-n75pcasakq
-
MD5
08bfcb7b2d9d752db8a85196c61f14fd
-
SHA1
85c2cd523e557000857c0298f5a82865742f1114
-
SHA256
6ea0b2cf655c6bf0c44dac0b9ab0fc97c2ee52b4873f48cb1243616a59669a46
-
SHA512
f7ee89293eab92a6eae4e1f14af9f7ea131f83170664ecc515773b4baaf288bdf7ecfab05df89e3edf582b68d6d506a8b5e6d4318fa6d989dc216a401305c0cb
-
SSDEEP
393216:jvBGFZjC0mmzdHfXi1G5SnvOXqlMpgDpn2a+jsxIDiYI:92pCFEfi1G502cMq9l9xIGT
Static task
static1
Behavioral task
behavioral1
Sample
2024-11-13_08bfcb7b2d9d752db8a85196c61f14fd_icedid.exe
Resource
win7-20241010-en
Malware Config
Targets
-
Target
2024-11-13_08bfcb7b2d9d752db8a85196c61f14fd_icedid
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Checks computer location settings
Looks up country code configured in the registry, likely geofence.
-
Drops file in System32 directory
-
MITRE ATT&CK Enterprise v15
Execution
  Command and Scripting Interpreter (1)
    PowerShell (1)
  Scheduled Task/Job (1)
    Scheduled Task (1)
Defense Evasion
  Modify Registry (1)
  Subvert Trust Controls (1)
    Install Root Certificate (1)