Overview

overview

7

Static

static

3

2024-01-09...id.exe

windows7-x64

7

2024-01-09...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    119s
  • max time network
    123s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10/01/2024, 05:58

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_9c1cc176a14763ea0d01c3dc24b53206_icedid.exe

  • Size

    384KB

  • MD5

    9c1cc176a14763ea0d01c3dc24b53206

  • SHA1

    9a0e4208404e6fe434907bef75446fee957fd52a

  • SHA256

    1861b91acac95fba6a807b016b77bb0a90870fb3b92017cc0aa41f09c8e7c10d

  • SHA512

    cc40e73136e47c7b764737c7fefe131941d005103af33d2242a620456ff001432ef5e1b04267c6790f2db68b4de7a67430b3494c27793171778870dfdad88859

  • SSDEEP

    12288:4plrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:kxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_9c1cc176a14763ea0d01c3dc24b53206_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_9c1cc176a14763ea0d01c3dc24b53206_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1364
    • C:\Program Files\requires\managed.exe
      "C:\Program Files\requires\managed.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2916

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\requires\managed.exe
    Filesize

    119KB

    MD5

    6200c9992a2f7c232a2e81ce96029354

    SHA1

    299f8aa922aab684cf5c0bbcde54876692aa0ce6

    SHA256

    a4592e92e29b1370f6f973099639b7cc291e215406b4e207b10328804799e574

    SHA512

    3644c1c1dca56f4a7925d466424269ec1e6055cdf462cb22ba22a3ac76d18bb6e09b0eb85b0cd2816e5df3019fa969b969359c26f1cc7e2ab508c98eab5a9405

    Download Submit

  • C:\Program Files\requires\managed.exe
    Filesize

    1KB

    MD5

    04e5b47e0dd1cb19b518b1a435d8fa5e

    SHA1

    024eff6665948be83a09a968ebb7b6ea5a56b27c

    SHA256

    d471dce6e1de1be7020e80f29676dd285cc9e172aab967461e72283787e9bb4a

    SHA512

    da111981f63eda2f1570c893f30a232392e48102482f1fde18ae553a2964bdb4dcc4e71b61980bce86225b92f981eab165c8787fdd7fdc026f23514cab86889e

    Download Submit

  • \Program Files\requires\managed.exe
    Filesize

    76KB

    MD5

    9ea73ac2c82afbcd12c4f2def53c119e

    SHA1

    7576f9fedb8de477d8e5e000ea9d05dd5965c535

    SHA256

    120f6face65b627faf344b3fc64288f6cb727f8d3dc0cd0fe7e494f5cec9a614

    SHA512

    951848c986c9d96b3dd75bd22a536f165794b9ea11373a9937de0307d518f5ae14c4ce5c4ad2b583adbdd42e3e42ee1e05f82de95b1fca16e341eb491b42cbe1

    Download Submit

  • \Program Files\requires\managed.exe
    Filesize

    151KB

    MD5

    88c456b7bb1224e35a0df1e4fa8fb7f4

    SHA1

    d9c8e292c0a961c12e1429e34c7160840ef60da1

    SHA256

    12da7ee921120dbed11b639a04d20d1b8f70428a88524d0ba1ab8dc3e9178fa3

    SHA512

    6324e15ff7d19e0915a6c5b64d742f5871358ab9dbdafc12e066429f9ac49fce4b4c9ff5575c1f4c800b03ddc558d807b65ab11578b1b0b0d55e67e3b51484c6

    Download Submit