General
-
Target
2024-06-28_eb5f40b5d0bea0073442aa814a63b50f_floxif_icedid
-
Size
3.9MB
-
Sample
240628-r53zhsvcmh
-
MD5
eb5f40b5d0bea0073442aa814a63b50f
-
SHA1
0b8e72d801d7397ca4e250fa03cc1ab3c51a176a
-
SHA256
e75cc7b7f27f01a8e48b0e9b69a08ba62b703c7edacf3be70d0f1c461688cc8c
-
SHA512
eecb57290fcb9e9e227859a7fe8fd24d1b31ace414799b1981f191eedf103b56f370abaa8bea55b0c6794a055c03e7f750cab17eede854a390c46fe90413ea5d
-
SSDEEP
49152:QegiSP2SQ8p6ymw5G5s1CmKvMdcZr0vq1N3t3TcoPbz8717n8Tqe:Qe0Q6IwV120WD1N3t7Pkxb8Tp
Static task
static1
Behavioral task
behavioral1
Sample
2024-06-28_eb5f40b5d0bea0073442aa814a63b50f_floxif_icedid.exe
Resource
win7-20240611-en
Malware Config
Targets
-
-
Target
2024-06-28_eb5f40b5d0bea0073442aa814a63b50f_floxif_icedid
-
UPX dump on OEP (original entry point)
-
Event Triggered Execution: AppInit DLLs
Adversaries may establish persistence and/or elevate privileges by executing malicious content triggered by AppInit DLLs loaded into processes.
-
ACProtect 1.3x - 1.4x DLL software
Detects file using ACProtect software.
-
Loads dropped DLL
-
Enumerates connected drives
Attempts to read the root path of hard drives other than the default C: drive.
-