Overview

overview

7

Static

static

3

2024-01-09...id.exe

windows7-x64

7

2024-01-09...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    114s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    10/01/2024, 05:51

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_2d77041f9d466bbc42dd7a892bd2855d_icedid.exe

  • Size

    298KB

  • MD5

    2d77041f9d466bbc42dd7a892bd2855d

  • SHA1

    7f8532cb64b91a10612a29dd2ba0f6eb2dd61edf

  • SHA256

    f71295b4f241689f192cb219c84ee5a1565b7cf9302508c040698d95f90cd241

  • SHA512

    f1702dd3ec204f0316d5c9eabd498ade04c603bdc03fc01f9d1354e82f222016945f1b0e0809ad412e13ab6e9d236467ee7956be3ad3cca851f52dab46c46a0b

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_2d77041f9d466bbc42dd7a892bd2855d_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_2d77041f9d466bbc42dd7a892bd2855d_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3752
    • C:\Program Files\match\library.exe
      "C:\Program Files\match\library.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1080

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\match\library.exe
    Filesize

    299KB

    MD5

    6d013a848d9fdb20465730e85533e817

    SHA1

    b8e0cebe098c32cfbf26803beb5229de047c5405

    SHA256

    5657507a3dd11ae771ccca0d524dd160524095007b9bdb40dffb539ddc11dedc

    SHA512

    83ba8daa49e454865c97e8bdf0316319caf4000c42b1de575793e94fef08c7058de2669d13651f9ebc66a1ddcc9021678ea0e78665cb2c9a0dd47fe0ef3926d8

    Download Submit

  • C:\Program Files\match\library.exe
    Filesize

    244KB

    MD5

    314bcfc9b60d10ecc4ce3ceae9ce926f

    SHA1

    60cdb8843547c234b1ee9533e8d18de8274fa867

    SHA256

    35720db1b2615d75a8059ff0829f5d8cf17e7213534ae7569f278cb378d8c874

    SHA512

    0a0992fa3e58b059a9a197c29406fe18356a88ba84c1eacea5f5286f5bd3eae5f028db32bd82ff2aee3b077baf69d5f6eff587291c18230a4e0c6fd4a62ff312

    Download Submit