General

  • Target

    iceix_1.1.7.0.vir

  • Size

    229KB

  • Sample

    200719-y3a69hckys

  • MD5

    b6dac7e49ff5824a709ad24c45620c96

  • SHA1

    ca8501018fe722c3abdb8eaf61f088f3541e8021

  • SHA256

    a3725e98e15a959f04ed86484d7f6ba845a6f194b855e742590b464adef0c780

  • SHA512

    4f5a77adf1b82b2cf6057c016298dcb0d8b0bea1555c378a317d5b60a1d7a98f19b6492ba8bebb0a0e66e403b1935de19817f371e06b34f2dda86e290f5ac0ba

Score
8/10

Malware Config

Targets

    • Executes dropped EXE

    • Deletes itself

    • Loads dropped DLL

    • Adds Run key to start application

    • Suspicious use of SetThreadContext

MITRE ATT&CK Matrix (ATT&CK v6)

  • Persistence

    Registry Run Keys / Startup Folder (T1060): 1

  • Defense Evasion

    Modify Registry (T1112): 2

Tasks