Overview

overview

7

Static

static

3

2023-08-22...JC.exe

windows7-x64

7

2023-08-22...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
  • submitted
    03-09-2023 11:53

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-22_b5c9eb183d25dbab27e23e34308d73bf_icedid_JC.exe

  • Size

    249KB

  • MD5

    b5c9eb183d25dbab27e23e34308d73bf

  • SHA1

    091d12402474a20a9b50ef3035df96515df28b52

  • SHA256

    5a25e5d9ec108284272fb44ae2354db27c084b2152492aadd2cff2c6c7f50e09

  • SHA512

    41cc8406eaa1585697675c3f289367a0ebbc2432b1322384f8746847f1d7d3eb248f4d71924eb756d8afdc8613135302e831d73253bde53dcff94d9d9f4692b2

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-22_b5c9eb183d25dbab27e23e34308d73bf_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-22_b5c9eb183d25dbab27e23e34308d73bf_icedid_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1728
    • C:\Program Files\DirectSetup\Applications.exe
      "C:\Program Files\DirectSetup\Applications.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3040

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\DirectSetup\Applications.exe
    Filesize

    249KB

    MD5

    b98debc1f4b9cdd2c16ea89baf8e1a76

    SHA1

    4f0d07ee0c047bc1b8ac37ba5537d73b96ed5d7f

    SHA256

    317755c4fc9dc1b89ce0777fcdcb3ef1f7944fcbc4ec931e969d598a9e148cae

    SHA512

    e0f6bbde6d1329f1d14aacd57979dab4b5da694f964c3a906e0da9978bcc0c3f4a059bff8f4312cafcaa08b48727a232a4c7ceec10bcec4f3ae38a5809a00242

    Download Submit

  • C:\Program Files\DirectSetup\Applications.exe
    Filesize

    249KB

    MD5

    b98debc1f4b9cdd2c16ea89baf8e1a76

    SHA1

    4f0d07ee0c047bc1b8ac37ba5537d73b96ed5d7f

    SHA256

    317755c4fc9dc1b89ce0777fcdcb3ef1f7944fcbc4ec931e969d598a9e148cae

    SHA512

    e0f6bbde6d1329f1d14aacd57979dab4b5da694f964c3a906e0da9978bcc0c3f4a059bff8f4312cafcaa08b48727a232a4c7ceec10bcec4f3ae38a5809a00242

    Download Submit

  • \Program Files\DirectSetup\Applications.exe
    Filesize

    249KB

    MD5

    b98debc1f4b9cdd2c16ea89baf8e1a76

    SHA1

    4f0d07ee0c047bc1b8ac37ba5537d73b96ed5d7f

    SHA256

    317755c4fc9dc1b89ce0777fcdcb3ef1f7944fcbc4ec931e969d598a9e148cae

    SHA512

    e0f6bbde6d1329f1d14aacd57979dab4b5da694f964c3a906e0da9978bcc0c3f4a059bff8f4312cafcaa08b48727a232a4c7ceec10bcec4f3ae38a5809a00242

    Download Submit

  • \Program Files\DirectSetup\Applications.exe
    Filesize

    249KB

    MD5

    b98debc1f4b9cdd2c16ea89baf8e1a76

    SHA1

    4f0d07ee0c047bc1b8ac37ba5537d73b96ed5d7f

    SHA256

    317755c4fc9dc1b89ce0777fcdcb3ef1f7944fcbc4ec931e969d598a9e148cae

    SHA512

    e0f6bbde6d1329f1d14aacd57979dab4b5da694f964c3a906e0da9978bcc0c3f4a059bff8f4312cafcaa08b48727a232a4c7ceec10bcec4f3ae38a5809a00242

    Download Submit