Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-01...id.exe

windows7-x64

7

2024-01-01...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    122s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    05/01/2024, 05:52

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-01_e99b8cc22c830c3a28a8cecf2723b94f_icedid.exe

  • Size

    383KB

  • MD5

    e99b8cc22c830c3a28a8cecf2723b94f

  • SHA1

    7e2c6c8ba3d726528ad91a4e08f13d554ab06397

  • SHA256

    836d3c624e02eb7665612a08cff502d739531da88d13b71f4cc9115102274d80

  • SHA512

    4e6ce3a078bba484849061621e58efabc3a4b0e6b2af9e647dd0d349a752753cbf0b1dc1ea09bf7bc0c6b2aeb6c0e4428be9b129f67f8e5065e6cee2efe10957

  • SSDEEP

    6144:cplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:cplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-01_e99b8cc22c830c3a28a8cecf2723b94f_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-01_e99b8cc22c830c3a28a8cecf2723b94f_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1648
    • C:\Program Files\accordingly\Panel.exe
      "C:\Program Files\accordingly\Panel.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2484

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\accordingly\Panel.exe
    Filesize

    64KB

    MD5

    225349542b91b196581fd554cd59d04a

    SHA1

    29cb8b0e683585b605db15a72cc7956357c59a09

    SHA256

    a5fbc413472374d19b89abca3b5e32fb2605a6c888fc910ab27424618773ee2b

    SHA512

    0d08c1969961349fadcafe488f20b2cc3e83898d3243698387d6335a4fcb19e28c3cac4889da350ed444b43d437539ee61de37d612de882545930847820a848f

    Download Submit

  • C:\Program Files\accordingly\Panel.exe
    Filesize

    82KB

    MD5

    237e23839fe5ff01bbccc35d20683c0a

    SHA1

    4c86bd376a4dde4d368b4e8be5c919f20ecbb251

    SHA256

    30f7825d3b621b8d750dd082e7ccc8491130e295f7312f6af0441035d772eed1

    SHA512

    e4342c2aff929bf70aae0d2fc3df7406690fd3b936f30830e9c560a556996b711188d12c403b58511154e0f75ecf017ba937a75e8c1d312d67aeea5a96ec2320

    Download Submit

  • \Program Files\accordingly\Panel.exe
    Filesize

    224KB

    MD5

    6ba98871b4fbfa221f546afcdb82fc73

    SHA1

    0eae10993e48f5f9b5929c4ad2b1bf214f1d3abf

    SHA256

    7d8be669abcf0506bc71d5b7bdf46228b6eda7a864cf2252a8471139700b9d40

    SHA512

    fa7ac53544d5a4f85d291168f2676fca2f5b59cc0a3a86b6a2b793b22df32c83aa9c7d0750711b9c9b30f9a8eec26572b5e74c45e00ffed0f40e93e6fa4e2b4d

    Download Submit

  • \Program Files\accordingly\Panel.exe
    Filesize

    51KB

    MD5

    7f1605e6ebc3fc74c46a2808074ace51

    SHA1

    fc969173637d3d5164fa476aeeb1caaeec10eec8

    SHA256

    4f6a7687fca2cc751804947616843c43f3265b706ef076c86ad0864b7e57588e

    SHA512

    5fc87224c3ee6dc95c22cf0bfeeab6cd22a4267afff5178d33592ccec972b48a78b5187012907ea735b2643f477a3cf8b2bdf6bb25d9d9ca53373fda100f18a7

    Download Submit