Overview

overview

7

Static

static

3

NEAS.2023-...JC.exe

windows7-x64

7

NEAS.2023-...JC.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    139s
  • platform
    windows7_x64
  • resource
    win7-20231023-en
  • resource tags

    arch:x64arch:x86image:win7-20231023-enlocale:en-usos:windows7-x64system
  • submitted
    23-10-2023 20:24

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    NEAS.2023-09-07_1faf0e572b708195e4c98e1a84472108_icedid_JC.exe

  • Size

    379KB

  • MD5

    1faf0e572b708195e4c98e1a84472108

  • SHA1

    73cb138ba2912198f891035899cc8e0e30398e58

  • SHA256

    e33ae53f128be1c20f6ff6f365d38aafae16cb05e0ca72ffe5aaece663dd5a6a

  • SHA512

    f3b30f4b290d032dcf5938a37ad0a18bdfd4d84fd5c820166238bf2cee1ec5bcdeb951ff5211ac5e406c3f63f0e64ea13aac57d3d73acbbbf6275d6734ed42a4

  • SSDEEP

    6144:/plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:/plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_1faf0e572b708195e4c98e1a84472108_icedid_JC.exe
    "C:\Users\Admin\AppData\Local\Temp\NEAS.2023-09-07_1faf0e572b708195e4c98e1a84472108_icedid_JC.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2952
    • C:\Program Files\Size\Dependency.exe
      "C:\Program Files\Size\Dependency.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2296

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Size\Dependency.exe
    Filesize

    379KB

    MD5

    6dfc80b144fa7307b282e5c7409447d2

    SHA1

    52fff6a7fe92e9c0a8edded73343feb0b8e84955

    SHA256

    0bc46d34372d10caba5b369a23ddfc565f19bb1afa27cb265a43e2f7c4e97b7f

    SHA512

    b125cd76ceda556ded43b59615b8eb6f31bae385d6602c2cf5413864550f5dca760c32fb1ffcd56c741242bb1f4cd5dd9dc87151cb4faaca49cfc4dee8d3c115

    Download Submit

  • C:\Program Files\Size\Dependency.exe
    Filesize

    379KB

    MD5

    6dfc80b144fa7307b282e5c7409447d2

    SHA1

    52fff6a7fe92e9c0a8edded73343feb0b8e84955

    SHA256

    0bc46d34372d10caba5b369a23ddfc565f19bb1afa27cb265a43e2f7c4e97b7f

    SHA512

    b125cd76ceda556ded43b59615b8eb6f31bae385d6602c2cf5413864550f5dca760c32fb1ffcd56c741242bb1f4cd5dd9dc87151cb4faaca49cfc4dee8d3c115

    Download Submit

  • \Program Files\Size\Dependency.exe
    Filesize

    379KB

    MD5

    6dfc80b144fa7307b282e5c7409447d2

    SHA1

    52fff6a7fe92e9c0a8edded73343feb0b8e84955

    SHA256

    0bc46d34372d10caba5b369a23ddfc565f19bb1afa27cb265a43e2f7c4e97b7f

    SHA512

    b125cd76ceda556ded43b59615b8eb6f31bae385d6602c2cf5413864550f5dca760c32fb1ffcd56c741242bb1f4cd5dd9dc87151cb4faaca49cfc4dee8d3c115

    Download Submit

  • \Program Files\Size\Dependency.exe
    Filesize

    379KB

    MD5

    6dfc80b144fa7307b282e5c7409447d2

    SHA1

    52fff6a7fe92e9c0a8edded73343feb0b8e84955

    SHA256

    0bc46d34372d10caba5b369a23ddfc565f19bb1afa27cb265a43e2f7c4e97b7f

    SHA512

    b125cd76ceda556ded43b59615b8eb6f31bae385d6602c2cf5413864550f5dca760c32fb1ffcd56c741242bb1f4cd5dd9dc87151cb4faaca49cfc4dee8d3c115

    Download Submit