Overview

overview

7

Static

static

3

2024-01-09...id.exe

windows7-x64

7

2024-01-09...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    125s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 05:59

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_ad8a7e2a13bf66b37237049447cdf327_icedid.exe

  • Size

    306KB

  • MD5

    ad8a7e2a13bf66b37237049447cdf327

  • SHA1

    63f069b7c10f90e815425c68a3c3f6bc05010776

  • SHA256

    5bb7dddacce567f65d2355d26c690fd5d4e0f84e18a3170520803c1dd6a0bed0

  • SHA512

    7315f1f9923abad85dda55c199f7b046a4d37ca98e23a2851bcccf474e5d1d26f7c77b2d78915091e55c87bced2b116acb7b00815fdb2a3ced349c7e896fd1e7

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_ad8a7e2a13bf66b37237049447cdf327_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_ad8a7e2a13bf66b37237049447cdf327_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2480
    • C:\Program Files\make\sure.exe
      "C:\Program Files\make\sure.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1276

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\make\sure.exe
          Filesize

          64KB

          MD5

          797006726cc17c5cfade85d080952619

          SHA1

          109168a242609be4eeedb2ec1c64ccb5da4d456e

          SHA256

          ae26f0c0750ee77821328287b76d83d9dfc017624cad74e01e7468228c397495

          SHA512

          b967586c1a95c3ab1b6ce45ba849a926c45ece2c0b49ed2c23397091d38168a1580372f0b6496e2da1058ea1302255ad6326c69aef86fd790166b828a63cf3f0

          Download Submit

        • \Program Files\make\sure.exe
          Filesize

          65KB

          MD5

          c2fa2f02321b46b7a17f92588332a50a

          SHA1

          1e7de6bc4909d90d757325942a8e3bdbe58dd3e8

          SHA256

          5af0584bd1d94a8adb48f756c78e7a7c8b5e558fef07fbb10aa845582466c6d7

          SHA512

          566b6feedbbf092df74dd858f19de54e202be4cf7385209e77ec5a16c27d88882a99587401a5b3f3379f8989aeed18ab2e77e667c659b77d257c4f108b6aa7ac

          Download Submit