Overview

overview

7

Static

static

3

2024-01-09...id.exe

windows7-x64

7

2024-01-09...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    139s
  • max time network
    150s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/01/2024, 05:51

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_2710bc1b7fdb643a7621c982d6a6d768_icedid.exe

  • Size

    387KB

  • MD5

    2710bc1b7fdb643a7621c982d6a6d768

  • SHA1

    11eea2d5b91a8ec8157559940e0e0cda715b8976

  • SHA256

    c203b978a033bd3b14b1c9c29ab67dd5228e81c4cd0b1a2ae9e477657759b65a

  • SHA512

    84d56090cba004963154532b22465c8b3cb59c4887b028eb8c2dc42b5a1c8230f1a7a33615facdcb071990349e01ec1b930a5d056cf6ca74985a385391f20e1c

  • SSDEEP

    12288:eplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:KxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_2710bc1b7fdb643a7621c982d6a6d768_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_2710bc1b7fdb643a7621c982d6a6d768_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2036
    • C:\Program Files\Synthesis\Composition.exe
      "C:\Program Files\Synthesis\Composition.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1156

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Synthesis\Composition.exe
          Filesize

          7KB

          MD5

          6ad0aa5f04d0a24af1ba0d587269e045

          SHA1

          ce0d40177897e4dc9216f9e5da7d44251682c773

          SHA256

          c440270cae8c1d2c14f9ca359ce45dfbdc88649bcfea31e34a6c95056d077121

          SHA512

          27876932346e6e66a7d54af975f8a404ef21b6eb310c19557053743dc8664a5d59978c5f8f4edc0fe9a183900ed83e1121bcb671789acb848936ec3c2685cf4e

          Download Submit

        • C:\Program Files\Synthesis\Composition.exe
          Filesize

          57KB

          MD5

          149850f205451faf59a0af0f12352588

          SHA1

          6b0ed17380f070ed5c6a621ba638a06dcfc1efa4

          SHA256

          63c0e43cf29ea36365bef5f26bb764b46d4547d06086599b9740c51beb5e9007

          SHA512

          a45470098efab571f7a5b4aa205fb8f0b2f393a7a77395847297517f88e746592c30025ca7db1de1dd1fd79c56bfcdd7b29b80897d4e9af6f4b238ec774121a5

          Download Submit