Overview

overview

7

Static

static

3

2024-01-06...id.exe

windows7-x64

7

2024-01-06...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    139s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-01-2024 12:07

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-06_2b20bbb226679e101e3c0dd9f997a226_icedid.exe

  • Size

    422KB

  • MD5

    2b20bbb226679e101e3c0dd9f997a226

  • SHA1

    4394d6b763d64ceb0e2de51c1b5ebbf831d6fb28

  • SHA256

    e1f308c576913a2621e6f4416cf44bd9657e802866ec549ee620bb39693a5f57

  • SHA512

    b8f018738da3a5c4acedf4649e2c2ed04743bab3c6062ed4a37786bbd2bf40c194ba8e20d6d64aa275a2b80bfbd9fe043eee206f4175204ca3520703b2dde3c8

  • SSDEEP

    12288:+plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:qxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-06_2b20bbb226679e101e3c0dd9f997a226_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-06_2b20bbb226679e101e3c0dd9f997a226_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4800
    • C:\Program Files\Redist\license.exe
      "C:\Program Files\Redist\license.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:4212

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Redist\license.exe
    Filesize

    92KB

    MD5

    f2a427ab18eab7ece15224b8d0b0addc

    SHA1

    eed57a0dbcef4fdaebc7768e7f957d2e62ea99e1

    SHA256

    d412325896540e8f24ebf40b0598e4be423a043836e100e0178bc7d68065d7ed

    SHA512

    0b86ce0b87523072bff805b5a0cfdda33ebd669697b5967c6996d5eb80d1672790e75bb4953f4ed116fe16a0053fd84f8a74678172b87a80b3ec80ba3c0d169a

    Download Submit

  • C:\Program Files\Redist\license.exe
    Filesize

    99KB

    MD5

    cd65435f7900fabb76bf48cff285201d

    SHA1

    25facdc60c1cf0076938b5c92cc30ad23cb2c724

    SHA256

    3aedb05ad02361ec52cbe8ec4b814259c1357b030050362fd4f5f0b31c1fc201

    SHA512

    d3fde1afee09773c496db57a463a4f97e343a27140c0e01b5524cd25a1727bf669be0894dc572a091107399029de8235c066208cc2aa0872ae9d601f7af51188

    Download Submit