Overview

overview

7

Static

static

3

2b4183057e...JC.exe

windows7-x64

7

2b4183057e...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    141s
  • max time network
    154s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230703-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230703-enlocale:en-usos:windows10-2004-x64system
  • submitted
    01-08-2023 15:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2b4183057e942b85db8fbebeea917af3_icedid_JC.exe

  • Size

    406KB

  • MD5

    2b4183057e942b85db8fbebeea917af3

  • SHA1

    12b91b2366933d9ffe4c2b6b37ea52cb097a5ed5

  • SHA256

    c9ed537efa6a82c5c768b47ede0c20ae151363e52a191b0b51b42c1b800db2c0

  • SHA512

    d5396e3e7866780f5550b758eee8254c2354fa06fa209edeb0b1047f88d4c2b2fe9f6413613403de1d9afe99618e73e728784c355f5064bd9cf1dc2f9d6fda3b

  • SSDEEP

    12288:+plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:qxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2b4183057e942b85db8fbebeea917af3_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2b4183057e942b85db8fbebeea917af3_icedid_JC.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4928
    • C:\Program Files\games\that.exe
      "C:\Program Files\games\that.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3144

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\games\that.exe
    Filesize

    406KB

    MD5

    52529d24dd3c04f20c08262f1ae629e8

    SHA1

    ab70574ee45ff64827a4e3c2989aba381fe0164c

    SHA256

    b799e603c58a4caee2a5497224dc65effa8a1ab6ad3efcc6478c994413f46dd7

    SHA512

    6c60b609ae4f5e2279dcf95ea11aa367502a1cf5273ad01426314387b32456a19714c872e975e9d2dc8cda2c82bfe74e76455af12c2bee5e29114e426d796442

    Download Submit

  • C:\Program Files\games\that.exe
    Filesize

    406KB

    MD5

    52529d24dd3c04f20c08262f1ae629e8

    SHA1

    ab70574ee45ff64827a4e3c2989aba381fe0164c

    SHA256

    b799e603c58a4caee2a5497224dc65effa8a1ab6ad3efcc6478c994413f46dd7

    SHA512

    6c60b609ae4f5e2279dcf95ea11aa367502a1cf5273ad01426314387b32456a19714c872e975e9d2dc8cda2c82bfe74e76455af12c2bee5e29114e426d796442

    Download Submit