Overview

overview

7

Static

static

3

b523d0a039...JC.exe

windows7-x64

7

b523d0a039...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    118s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20230712-en
  • resource tags

    arch:x64arch:x86image:win7-20230712-enlocale:en-usos:windows7-x64system
  • submitted
    27-08-2023 17:13

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    b523d0a039579e8aadeb4cf5b6c3cf42_icedid_JC.exe

  • Size

    407KB

  • MD5

    b523d0a039579e8aadeb4cf5b6c3cf42

  • SHA1

    2a9920ac95c17d9204dbd29e154fb578ca3e252f

  • SHA256

    3a235ab1f4462848981f10f1f10aa1d83bc97b92625aa728e049b7bfca6fcf37

  • SHA512

    82429cc529f6a3d09ec012873bc905ccc9854418dd0c7cb93d0fb7a5cc316b1f6227d53ba3c2b64923ca7a8ccc564c28ce3c18df1d75e20d2f3cfa1add3ee0c7

  • SSDEEP

    12288:BplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:TxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\b523d0a039579e8aadeb4cf5b6c3cf42_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\b523d0a039579e8aadeb4cf5b6c3cf42_icedid_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2168
    • C:\Program Files\Installed\Version.exe
      "C:\Program Files\Installed\Version.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2100

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Installed\Version.exe
    Filesize

    407KB

    MD5

    65ba6f797a2ef5c8fc09ae9d352da877

    SHA1

    40641e360f52bae38a442874bd5b37bb14c8b6f3

    SHA256

    cafdc6d0a953968e43744d6594b0e5745a4d866827e82cac9f61bbd52ad255bd

    SHA512

    54aa3f3b70984bb269e5fe59bb36630914670865c29b5fe57d5a9e4572893ca83162640dd85909d9f93e42cb53668d026316ea828b2ef1e18e8f39d337a41742

    Download Submit

  • C:\Program Files\Installed\Version.exe
    Filesize

    407KB

    MD5

    65ba6f797a2ef5c8fc09ae9d352da877

    SHA1

    40641e360f52bae38a442874bd5b37bb14c8b6f3

    SHA256

    cafdc6d0a953968e43744d6594b0e5745a4d866827e82cac9f61bbd52ad255bd

    SHA512

    54aa3f3b70984bb269e5fe59bb36630914670865c29b5fe57d5a9e4572893ca83162640dd85909d9f93e42cb53668d026316ea828b2ef1e18e8f39d337a41742

    Download Submit

  • \Program Files\Installed\Version.exe
    Filesize

    407KB

    MD5

    65ba6f797a2ef5c8fc09ae9d352da877

    SHA1

    40641e360f52bae38a442874bd5b37bb14c8b6f3

    SHA256

    cafdc6d0a953968e43744d6594b0e5745a4d866827e82cac9f61bbd52ad255bd

    SHA512

    54aa3f3b70984bb269e5fe59bb36630914670865c29b5fe57d5a9e4572893ca83162640dd85909d9f93e42cb53668d026316ea828b2ef1e18e8f39d337a41742

    Download Submit

  • \Program Files\Installed\Version.exe
    Filesize

    407KB

    MD5

    65ba6f797a2ef5c8fc09ae9d352da877

    SHA1

    40641e360f52bae38a442874bd5b37bb14c8b6f3

    SHA256

    cafdc6d0a953968e43744d6594b0e5745a4d866827e82cac9f61bbd52ad255bd

    SHA512

    54aa3f3b70984bb269e5fe59bb36630914670865c29b5fe57d5a9e4572893ca83162640dd85909d9f93e42cb53668d026316ea828b2ef1e18e8f39d337a41742

    Download Submit