837da7fb0709caa2b6908124a8795e7aa14763be75d57bbcae417c09ea21869b

Analysis

max time kernel
118s
max time network
141s
platform
windows7_x64
resource
win7-20230831-en
resource tags

arch:x64arch:x86image:win7-20230831-enlocale:en-usos:windows7-x64system
submitted
14/10/2023, 03:27

Target

2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
Size

412KB
MD5

539bbb7924dbd098b01ebe31847adab5
SHA1

80031a943ee4382937a3b03369299af90f94e4c2
SHA256

837da7fb0709caa2b6908124a8795e7aa14763be75d57bbcae417c09ea21869b
SHA512

c77ea57157145f1eba1d496c9a0dda9a3185ed136b43f1b54df734eb9310676ab35c5a3a98bc7cc4f16b49589c8d8b57c0eb7973af2d151196e9158cffa657d0
SSDEEP

12288:TplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:VxRQ+Fucuvm0as

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
364	privileges.exe

Loads dropped DLL 2 IoCs

pid	Process
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\Internals\privileges.exe	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe

Suspicious use of SetWindowsHookEx 8 IoCs

pid	Process
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
364	privileges.exe
364	privileges.exe
364	privileges.exe
364	privileges.exe

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2360 wrote to memory of 364	2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe	29
PID 2360 wrote to memory of 364	2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe	29
PID 2360 wrote to memory of 364	2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe	29
PID 2360 wrote to memory of 364	2360	2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe	29

C:\Program Files\Internals\privileges.exe

Filesize
412KB

MD5
67d82c431f9be49126fb466bc0b92723

SHA1
001e6645b853a2390a81b30fa0787741e9624c8c

SHA256
a21e7a11afcb83920ef5b773224aa05a2263595b49598071220916624ca86fb2

SHA512
47e6a85d55f9e2e7d3aa0fef2ab4799a3dce555b0183b80c5631c047e1b8b6ea2e5eaaee8c533fca8bc5f00aebdb16dc38e42cea60f05bda5a17091c89b4c223

Download Submit
C:\Program Files\Internals\privileges.exe

Filesize
412KB

MD5
67d82c431f9be49126fb466bc0b92723

SHA1
001e6645b853a2390a81b30fa0787741e9624c8c

SHA256
a21e7a11afcb83920ef5b773224aa05a2263595b49598071220916624ca86fb2

SHA512
47e6a85d55f9e2e7d3aa0fef2ab4799a3dce555b0183b80c5631c047e1b8b6ea2e5eaaee8c533fca8bc5f00aebdb16dc38e42cea60f05bda5a17091c89b4c223

Download Submit
\Program Files\Internals\privileges.exe

Filesize
412KB

MD5
67d82c431f9be49126fb466bc0b92723

SHA1
001e6645b853a2390a81b30fa0787741e9624c8c

SHA256
a21e7a11afcb83920ef5b773224aa05a2263595b49598071220916624ca86fb2

SHA512
47e6a85d55f9e2e7d3aa0fef2ab4799a3dce555b0183b80c5631c047e1b8b6ea2e5eaaee8c533fca8bc5f00aebdb16dc38e42cea60f05bda5a17091c89b4c223

Download Submit
\Program Files\Internals\privileges.exe

Filesize
412KB

MD5
67d82c431f9be49126fb466bc0b92723

SHA1
001e6645b853a2390a81b30fa0787741e9624c8c

SHA256
a21e7a11afcb83920ef5b773224aa05a2263595b49598071220916624ca86fb2

SHA512
47e6a85d55f9e2e7d3aa0fef2ab4799a3dce555b0183b80c5631c047e1b8b6ea2e5eaaee8c533fca8bc5f00aebdb16dc38e42cea60f05bda5a17091c89b4c223

Download Submit