Analysis
-
max time kernel
122s -
max time network
147s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
07-01-2024 12:13
General
-
Target
2024-01-06_96f2c1b8519c2594da431a541ff28f6b_icedid.exe
-
Size
424KB
-
MD5
96f2c1b8519c2594da431a541ff28f6b
-
SHA1
f6ab7f5a7a55a020c9a80e97f1d3286c59502979
-
SHA256
a16db50032b68f334aab03cb2e27db33a489d7c3594c59dee16a1b4dd5bd4323
-
SHA512
bf43e874d7d0f7b96db7e909c3e78133064541cabcca456827f9b7241452033cfa15f133725ec00c1fff5d55d7f746ce2d18fcbb67acd3d9efa50ad93ae31aac
-
SSDEEP
12288:JplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:LxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-06_96f2c1b8519c2594da431a541ff28f6b_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-06_96f2c1b8519c2594da431a541ff28f6b_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\French\German.exe"C:\Program Files\French\German.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
424KB
MD55e604f79defafcd9ac750259f28a6428
SHA1fc6ffd4731900fab8a671aa170ab02fde5c9aa7d
SHA2563db007cdad75ebfd463b9e1b15e2a833cfaa1a7587458a765d8bdd3f9433bc9a
SHA5122e26c060244dbf444af752e57bcb052a4d9db67981e2a4f58e76bf5c6aa511b187977b58aa5334d760bc2e4790e7fc6f7a3b96dbd7036be621a1ee5e644a4630