General
Target: iceix_1.2.6.0.vir
Size: 502KB
Sample: 200719-xtthrcykas
MD5: fa0ac95c9e929f9a1933877c05be4a60
SHA1: 3d7f5484ec822ea8f9dd021f4e4f18fa08dfc562
SHA256: ff6353b97df24c70f01f79c12c29d597c8fdf84675fa4ccae6994c5e8e9798cf
SHA512: 8c75e13f65ecd02e255ff9acd0ec11166f0a9ba5a067160555db847dfcc1bc4d9f3a3b0cd3c50bc7eab074acd3d50164e6f61bb9537f17803c6f2e6c5b60d44d
Static task: static1
Behavioral task: behavioral1
Sample: iceix_1.2.6.0.vir.exe
Resource: win7v200430
Behavioral task: behavioral2
Sample: iceix_1.2.6.0.vir.exe
Resource: win10
Malware Config
Targets
Target: iceix_1.2.6.0.vir
Score: 8/10
Executes dropped EXE
Modifies Windows Firewall
Loads dropped DLL
Adds Run key to start application
Modifies service
Suspicious use of SetThreadContext