Overview

overview

3

Static

static

3

IceRiver_M...ol.exe

windows7-x64

1

IceRiver_M...ol.exe

windows10-2004-x64

1

Newtonsoft.Json.dll

windows7-x64

1

Newtonsoft.Json.dll

windows10-2004-x64

1

en/ICMiner...es.dll

windows7-x64

1

en/ICMiner...es.dll

windows10-2004-x64

1

Analysis

  • max time kernel
    147s
  • max time network
    137s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    31-07-2023 23:22

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    IceRiver_MinerTool.exe

  • Size

    523KB

  • MD5

    254e1d913d8fc7cc30d343eed07e6959

  • SHA1

    5f944a9f78997a35304bea51cb031d28f90607e6

  • SHA256

    16c90e82014e50aebb492a0389fa2a2b21839d7b63489a1a4a055141bb2df13e

  • SHA512

    7c85c959b8931010620193c27e0f1b716c50fcf46f9c2c0766494e3df8142585480b3550e7687efae01d070afcddcbc3c4e3ac3bfce7400209d711f94acf0b4e

  • SSDEEP

    12288:I3UkF30hqJ1e4LNq19JmPyHEgM2B3Po5Xo9sP:D3Po5l

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: EnumeratesProcesses 2 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\IceRiver_MinerTool.exe
    "C:\Users\Admin\AppData\Local\Temp\IceRiver_MinerTool.exe"
    1⤵
    • Suspicious behavior: EnumeratesProcesses
    • Suspicious use of AdjustPrivilegeToken
    PID:4460

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    612B

    MD5

    9935c7e88a837f4d2d3850b63a42958c

    SHA1

    a33f6a22129683da7cf824b292ac784499640326

    SHA256

    89976756df369189ee7361ea4820cc52a20e9bc1219ff6e6ac7b2057760b8bb1

    SHA512

    52890aabdcc3ef143723b3ec1c43e61ea7b26b7a00c378d58231a949ac9408f65981ebde9fdfb27e7c09d3cb6c758cc1d47398fa54c62c48202b93c11cd17987

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    1KB

    MD5

    8965abb77a1e750785dd3bf5fcc83533

    SHA1

    df3084215be6a38f8c0fdf30b01c2e52ea6e69df

    SHA256

    c4f7cd4bca0c248cc94a30078f48a3ae71025bce527134a2c76d64679b6a1555

    SHA512

    328dfb745a5e622049af69ab71839eddbe21a9250e74c22ac80edcb03186fb61018829520ef498e934d6db284683e317e6fc7c5f37df76a40155601781532eb0

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    1KB

    MD5

    d5a664b76ba051f138bc2b2c4f887145

    SHA1

    6a2544f9c2f80a31dcd7cc5ee3dbce0ac4e2448f

    SHA256

    7d096db0c92c30cc6388ae6a7e53aa02680ed3d0b038e2b7c7e1e657937eab33

    SHA512

    2b2ec071db008d91caee5911002af577a9d66e8fd0debc99f29c650f9b1b14a1bf41dbb229c6a0fbc2ec3d2bf0a61ec0ae31e952ccdb23cafd0ef6be0814bb3b

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    1KB

    MD5

    a170270dccd2fc75795544225214a988

    SHA1

    9b7c6ca6785a211814165d94c1d0b31683d22f32

    SHA256

    6fb37abeed8e1ded51af09b73104402dda766745e0f49b5d2e1bf7d1f936d66e

    SHA512

    22964f09105eeb9b042e1f8378baefbac69bfddcb91b6e5be4ec7868ead9ff809eea5266b36ab5a72d4269ed56934dd3f25e950459431c769b2dc647b01af8b3

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    2KB

    MD5

    fbde1d774344dda1ade9ace3e2ed763c

    SHA1

    42c49ecc2cc0040dc165e5ca30619af749f2530e

    SHA256

    941c36bf2ce7c4ff25d1f6009ebb230afd8f1502bfc719671c888ca0d9aa6dfb

    SHA512

    da7c2dcf6dc73c671cb65ec5f7125359894756e25c23305dd5e2ad4783e0112a8c7a8f7a61ae77abcb45390da13b9198c01f2d32711b3fa60e15689ea30d59cc

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\Config.xml
    Filesize

    2KB

    MD5

    1b5320017397788361da6b5b996f8033

    SHA1

    277f01946137248e5568e767da59ca78f2bd9341

    SHA256

    3bb14dc1a0e1491cd5b197f3a15164508dccdc5c8db033f132c8cf2999a8bf78

    SHA512

    de061acfd0ff9e70909049befb60533725765eb8bd56bb8f766a4dcd45670cc85821811d5f8798df65ff2a0853524e7f43a7262904a306426f8d3b53921a317c

    Download Submit

  • memory/4460-141-0x0000000005460000-0x000000000546A000-memory.dmp

    Filesize

    40KB

    Download

  • memory/4460-142-0x0000000009670000-0x00000000096A2000-memory.dmp

    Filesize

    200KB

    Download

  • memory/4460-143-0x0000000005660000-0x0000000005670000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4460-140-0x0000000005660000-0x0000000005670000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4460-139-0x00000000054C0000-0x0000000005552000-memory.dmp

    Filesize

    584KB

    Download

  • memory/4460-138-0x00000000059D0000-0x0000000005F74000-memory.dmp

    Filesize

    5.6MB

    Download

  • memory/4460-137-0x0000000000A00000-0x0000000000A88000-memory.dmp

    Filesize

    544KB

    Download

  • memory/4460-136-0x0000000074890000-0x0000000075040000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4460-218-0x0000000074890000-0x0000000075040000-memory.dmp

    Filesize

    7.7MB

    Download

  • memory/4460-219-0x0000000005660000-0x0000000005670000-memory.dmp

    Filesize

    64KB

    Download

  • memory/4460-220-0x0000000005660000-0x0000000005670000-memory.dmp

    Filesize

    64KB

    Download