Analysis

  • max time kernel
    122s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20230831-en
  • resource tags

    arch:x64, arch:x86, image:win7-20230831-en, locale:en-us, os:windows7-x64, system
  • submitted
    14/10/2023, 00:10

General

  • Target

    2023-08-25_714b48b55975ef5c8417d8dcb48f4fe8_icedid_JC.exe

  • Size

    249KB

  • MD5

    714b48b55975ef5c8417d8dcb48f4fe8

  • SHA1

    3e85cb637893012363228708a587c9d3c101f62b

  • SHA256

    41a19e1cae0b5dc0c23abbabca6da289ffbe93d426081806912166850e4470fd

  • SHA512

    7d0655127ab5157afb5a1fb0642ace4872c5fc3d34923a23f7eefc45a9bb4dd0642ddc684b8a323c87a541c621ac3829fe8c2a777f9aab143098a1a57d33571e

  • SSDEEP

    3072:lxUm75Fku3eKeO213SJReOqdmErj+HyHnNVIPL/+ybbiW1u46Q7qV3lU8xM:fU8Dk11CJ1qDWUNVIT/bblS9x

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-25_714b48b55975ef5c8417d8dcb48f4fe8_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-25_714b48b55975ef5c8417d8dcb48f4fe8_icedid_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1932
    • C:\Program Files\customer\component.exe
      "C:\Program Files\customer\component.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1992

Network

MITRE ATT&CK Matrix

Downloads

  • C:\Program Files\customer\component.exe

    Filesize

    249KB

    MD5

    2fe7df2fc64f2729d04ba54c1f9e39fd

    SHA1

    15f84b02a3033a476af7a9b80662c35b4327ba1a

    SHA256

    b2b1af546d49bdde8e82f5a7122d7b64be945183322ec40947f5911408da2705

    SHA512

    ab4b3e22d26fdcce0ed6a71e84f73bc7c36bd40a2413d155b8116cc47926bd5ab5a4b8b1d894f2b3fb7f37ed4d966119dd21824c2a1a9461c431ca2f8ca9b482

  • \Program Files\customer\component.exe

    Filesize

    249KB

    MD5

    2fe7df2fc64f2729d04ba54c1f9e39fd

    SHA1

    15f84b02a3033a476af7a9b80662c35b4327ba1a

    SHA256

    b2b1af546d49bdde8e82f5a7122d7b64be945183322ec40947f5911408da2705

    SHA512

    ab4b3e22d26fdcce0ed6a71e84f73bc7c36bd40a2413d155b8116cc47926bd5ab5a4b8b1d894f2b3fb7f37ed4d966119dd21824c2a1a9461c431ca2f8ca9b482