Analysis

  • max time kernel
    145s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win10v2004-20231215-en, locale:en-us, os:windows10-2004-x64, system
  • submitted
    07-01-2024 12:15

General

  • Target

    2024-01-06_bacc729ce87e22751f8df2a0e7ffa1cd_hacktools_icedid.exe

  • Size

    856KB

  • MD5

    bacc729ce87e22751f8df2a0e7ffa1cd

  • SHA1

    4faf68918c8f36a3beea9f2a76c57745c9aa63df

  • SHA256

    61085584db077e2a478f58d2a16e87fb52670b1e8246e70144bff5838ff8d55e

  • SHA512

    4aafe919008428d091a0d72871e1e872066fe93f9d95eb2fc3e36c90b0b8273e2c0612f09deed445939c6537d880cfc9f9bec6e13db9a29b02c85dca3f1462cf

  • SSDEEP

    12288:+tTFh55GAIR+p+3iJ8AoQnmywP0cJ6D4DWCG3juN0r:+tTFhnme+yJ8zQnmyjcJ6D4DBG3m2

Score
1/10

Malware Config

Signatures

  • Suspicious behavior: RenamesItself 1 IoCs
  • Suspicious use of AdjustPrivilegeToken 1 IoCs
  • Suspicious use of SetWindowsHookEx 2 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-06_bacc729ce87e22751f8df2a0e7ffa1cd_hacktools_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-06_bacc729ce87e22751f8df2a0e7ffa1cd_hacktools_icedid.exe"
    • Suspicious behavior: RenamesItself
    • Suspicious use of AdjustPrivilegeToken
    • Suspicious use of SetWindowsHookEx
    PID:3444

Network

MITRE ATT&CK Matrix


Downloads

  • C:\Users\Admin\AppData\Local\Temp\553A.tmp

    Filesize

    381KB

    MD5

    4a1399e95c29ef2dc286eccb7c15fc2d

    SHA1

    64e4327ed084c0f7291e665d97c9147238d061e3

    SHA256

    fc8c9ac94bfc781dc14f2a409c3643639bb962bab95dc131f3245296d83fd0bb

    SHA512

    67ef57c108d32cd16789727938874808d550e80a62409dc29a75c1e0b0c3c7c8cb175e5965e59035e96b4125515accc4733572a2860fed71a283ebc2cdbac6f6

  • C:\Users\Admin\AppData\Local\Temp\553B.tmp

    Filesize

    92KB

    MD5

    d8a0f161e2483a793b79a887d00d8a57

    SHA1

    54b488c83221f29f9656117c9eeb0600505a860c

    SHA256

    8eb591859f1e39698763a76ec1ff833478a0d668861e77dffa3aa151ecb19702

    SHA512

    d5a17e5d73b9d7e1f1f4c30c26a21af1707ed744320d95fd48e528860ebf369b976c02761f6ac26f5d639535e8a527fc2cabaae6c85eb2f55ac3812c3f53eb91