Analysis

  • max time kernel
    147s
  • max time network
    154s
  • platform
    windows7_x64
  • resource
    win7
  • submitted
    01-08-2020 19:37

General

  • Target

    SecuriteInfo.com.Trojan.IcedID.27.20373.18749.exe

  • Size

    60KB

  • MD5

    654fdcfb7334c24fff5452d60a67083c

  • SHA1

    6b994050872b5565daaa65e063076fd3ed0afc38

  • SHA256

    f42b5acdb0f61b1c030a75692200c43a707b3bf40394271e1adc7ebbb98ee1db

  • SHA512

    d6ed90641b80a0ade3925f646e34b20f7cac57cf471ff1b2d8c935eab4d8b8d770abc730a8f0315fe9393e87f1991708c62ca9215133ba96e455ba879e7295cf

Score
1/10

Malware Config

Signatures

  • Suspicious use of SetWindowsHookEx (2 IoCs)
  • Modifies system certificate store (2 TTPs, 3 IoCs)

Processes

  • C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.IcedID.27.20373.18749.exe
    "C:\Users\Admin\AppData\Local\Temp\SecuriteInfo.com.Trojan.IcedID.27.20373.18749.exe"
    • Suspicious use of SetWindowsHookEx
    • Modifies system certificate store
    PID:1456

Network

MITRE ATT&CK Matrix (ATT&CK v6)

Defense Evasion

  • Install Root Certificate
    1
    T1130
  • Modify Registry
    1
    T1112

Downloads

  • memory/1456-0-0x00000000002F0000-0x00000000002F6000-memory.dmp
    Filesize

    24KB