Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2023-08-25...JC.exe

windows7-x64

7

2023-08-25...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    147s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20230915-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20230915-enlocale:en-usos:windows10-2004-x64system
  • submitted
    14/10/2023, 03:27

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe

  • Size

    412KB

  • MD5

    539bbb7924dbd098b01ebe31847adab5

  • SHA1

    80031a943ee4382937a3b03369299af90f94e4c2

  • SHA256

    837da7fb0709caa2b6908124a8795e7aa14763be75d57bbcae417c09ea21869b

  • SHA512

    c77ea57157145f1eba1d496c9a0dda9a3185ed136b43f1b54df734eb9310676ab35c5a3a98bc7cc4f16b49589c8d8b57c0eb7973af2d151196e9158cffa657d0

  • SSDEEP

    12288:TplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:VxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\2023-08-25_539bbb7924dbd098b01ebe31847adab5_icedid_JC.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1104
    • C:\Program Files\Typically\present.exe
      "C:\Program Files\Typically\present.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1704

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Typically\present.exe
    Filesize

    412KB

    MD5

    81c1d7b12706c696d45edd541ef4cb4d

    SHA1

    2dae3392cb32ed144ce19e13c19a1938c0fe3f8d

    SHA256

    1c94daf6c3e415c880c1391599acb997973de466d5fe2ab1afb49f272dcb1f70

    SHA512

    3f861bd86836b4530de65e279f5382101db6ea5efd38efcb3a84ca30d5d893e612f9267ff98deeeda3f8f841622a0bc149aef32e6f878f04f530d5b5fbbc070c

    Download Submit

  • C:\Program Files\Typically\present.exe
    Filesize

    412KB

    MD5

    81c1d7b12706c696d45edd541ef4cb4d

    SHA1

    2dae3392cb32ed144ce19e13c19a1938c0fe3f8d

    SHA256

    1c94daf6c3e415c880c1391599acb997973de466d5fe2ab1afb49f272dcb1f70

    SHA512

    3f861bd86836b4530de65e279f5382101db6ea5efd38efcb3a84ca30d5d893e612f9267ff98deeeda3f8f841622a0bc149aef32e6f878f04f530d5b5fbbc070c

    Download Submit