General

  • Target

    iceix_1.1.9.0.vir

  • Size

    133KB

  • Sample

    200719-4kxmcnnwes

  • MD5

    d95ee3bc107f56a0eba7ac26b5d64d19

  • SHA1

    e44872d85ae1d6e165d72252f4055e47d59c4c59

  • SHA256

    476a2cba7810fec1e2036c840308d603fce4b69c3b4fbb7d6938f89346a6adfd

  • SHA512

    d457897cee15821c7acc658f849842150546c50d87cd3c46acd377f19b1c380817f1aec5e864563638214d3df35c895edb95e9068b71d8be71deeb430e0ca352

Score
8/10

Malware Config

Targets

    • Target

      iceix_1.1.9.0.vir

    • Size

      133KB

    • MD5

      d95ee3bc107f56a0eba7ac26b5d64d19

    • SHA1

      e44872d85ae1d6e165d72252f4055e47d59c4c59

    • SHA256

      476a2cba7810fec1e2036c840308d603fce4b69c3b4fbb7d6938f89346a6adfd

    • SHA512

      d457897cee15821c7acc658f849842150546c50d87cd3c46acd377f19b1c380817f1aec5e864563638214d3df35c895edb95e9068b71d8be71deeb430e0ca352

    Score
    8/10
    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix ATT&CK v6

Persistence

Registry Run Keys / Startup Folder

1
T1060

Defense Evasion

Modify Registry

2
T1112

Tasks