Overview

overview

7

Static

static

3

2024-01-06...id.exe

windows7-x64

7

2024-01-06...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    149s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    07-01-2024 12:17

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-06_d6eb9e6d4395a909a63a4cf338adaa4b_icedid.exe

  • Size

    298KB

  • MD5

    d6eb9e6d4395a909a63a4cf338adaa4b

  • SHA1

    c2875cdf0efa0a0f680f523114cb4a536c6bd470

  • SHA256

    74bb318feba8eb9020b883f5ac22c114a3316bc6bc088e0dd28e7048e76bd654

  • SHA512

    614c088c65b3b7e69f71523c2fed1e80c32c4e00d3a6ee1e2f3dd6ba3489b11a97ba188c93bae8879a4bd8cb2e8581d5f822bb339084b30995e7502596c057a8

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-06_d6eb9e6d4395a909a63a4cf338adaa4b_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-06_d6eb9e6d4395a909a63a4cf338adaa4b_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4368
    • C:\Program Files\Autorun\compact.exe
      "C:\Program Files\Autorun\compact.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:3556

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Autorun\compact.exe
    Filesize

    95KB

    MD5

    e0ece6de5c7c85b2274517de3f9a5901

    SHA1

    7750ec2eb8f99a9d90665e6441e2c201dc81dc74

    SHA256

    2579a4bbbd3fe134178091234fc802f2437385617b0efa0f11918ccc93a96b88

    SHA512

    ba66657f6eee713b2d488cf51a95494c8ad18662307f5f9b5b76736527af07b8a5bac01addd172e21171c61fdc99164295ad0271c86fae06adee877aa398a034

    Download Submit

  • C:\Program Files\Autorun\compact.exe
    Filesize

    93KB

    MD5

    11ec14da5e49b36ac13bd6224702c03c

    SHA1

    2674e13fb3cc39ed3dc09b7fcc4c2b1cbc9d7754

    SHA256

    6041cf4d9f20703e6c8b24fe184da3919312036c278227549d1640db5448f400

    SHA512

    523494124b8fc1a90848c1e2add2ddea9e6585901c83835513dc9a53fa5736c476a89c5df6c0e4891e5f1e769cdb90dfead630658b43d47bc5bf11d4157d282e

    Download Submit