Overview

overview

3

Static

static

3

2024-01-09...id.exe

windows7-x64

1

2024-01-09...id.exe

windows10-2004-x64

3

Analysis

  • max time kernel
    121s
  • max time network
    163s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    10-01-2024 05:59

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-09_a3e91cc6eadd11712e39814115198541_icedid.exe

  • Size

    2.1MB

  • MD5

    a3e91cc6eadd11712e39814115198541

  • SHA1

    e771fb0bda7ac757d6d8dcc099fda4d9a903852a

  • SHA256

    2cb6cd522076423a2b8de6773c122792dc6621b8afe112e79177a456bed4a408

  • SHA512

    e328ec02e5d5ac8718fdf873f62b76f1874f753d09150679998a29de2f0a7dc536ab48583cbcbd2667e3ec7dd2c073f1cde19cd5207afece2a147cd045a7cf0d

  • SSDEEP

    49152:5lbbI4ru5TtXh1bvPXcqa1Ae2uN3BhDi2Ftx+j3pW+vJT9ZyI:bIKuRtXhxvEqxe2uN3BhOQt0TEU+I

Score
1/10

Malware Config

Signatures

  • Modifies Internet Explorer settings 1 TTPs 34 IoCs
    adwarespyware
  • Suspicious use of FindShellTrayWindow 1 IoCs
  • Suspicious use of SetWindowsHookEx 7 IoCs
  • Suspicious use of WriteProcessMemory 8 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-09_a3e91cc6eadd11712e39814115198541_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-09_a3e91cc6eadd11712e39814115198541_icedid.exe"
    1⤵
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:2404
    • C:\Program Files\Internet Explorer\iexplore.exe
      "C:\Program Files\Internet Explorer\iexplore.exe" http://www.microsoft.com/downloads/Browse.aspx?displaylang=en&categoryid=2
      2⤵
      • Modifies Internet Explorer settings
      • Suspicious use of FindShellTrayWindow
      • Suspicious use of SetWindowsHookEx
      • Suspicious use of WriteProcessMemory
      PID:1800
      • C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE
        "C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE" SCODEF:1800 CREDAT:275457 /prefetch:2
        3⤵
        • Modifies Internet Explorer settings
        • Suspicious use of SetWindowsHookEx
        PID:2828

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2c2c37f8d2adf6c275ac10f8c3870c5f

    SHA1

    a35bd9bd209a871ddb3d13a39e0df9fb220ac75e

    SHA256

    81c43f5631dab8a736b4f603657a941c9f3e5c86a9d1a7f36f8affd97af273e6

    SHA512

    a4cae75cde8629f600300a6fd45258092c64dc909931dd6c9ed49cbf7581fb1c4a95da68b5affec98edc0fe2f678785c5568320259447aefe3a9c5a620e76302

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    c6865c0998079c4af0ac6dfc735e3741

    SHA1

    d3be446ac632c8dcbb4484616bdc0449fef8c87a

    SHA256

    709c3812a86c55e959cfeea6c288e1aff8aae9d51e965db01ff929af6bd1f681

    SHA512

    dc686e3f77ef509193e6b419698ea4dc0f85317b15ca22671c1900aae5dd29d0633c5fa2ef756c8f8afb201b184ea7958b00cc273f991593100136c1ba90bf45

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    27a03ce62a6627bba5f0eee9f0258867

    SHA1

    a9164ef05630af60320b898a7e078728182ce119

    SHA256

    a189edd129020bdb3f70b63e7c72e884b3d9d28adac0cbf68c98bc7b9db7d51d

    SHA512

    fa42c8d1ce371939bdc60edf87a243a6a9a971025b613d9b2bc89c02725f662a809616490e477fa37252ff72204aade26c0fdc8d7e5a176dbab17b9b318243cc

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    0752851dbe9815a9198ade31a6446ca9

    SHA1

    fecbe7bdcea39baa72e3e5ce1e523114baa67d16

    SHA256

    f87e89a1d86eeb69f271b1c42b2e9b73174aa872a9892a24913e23c762227fb1

    SHA512

    545b96930711184f080a71b845251dc5858242f21005f380157b54931a6b7dfc5d51c6c135d7d469fac32cf11edbaa4a53dde41530b75318abfdead5c2dda778

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    2de5e18bf8a6442099b04dab8a5b5dcb

    SHA1

    4b1ee090f60fcde7537126f5703a639807f99712

    SHA256

    51bf97bea75a88542e1709401f6f89a308e4baa37c686065e04274ea25677b1a

    SHA512

    d1464e9c2d9415ebe870298e082223a3aa8fd455b3b9ca6260c4a53c5285f6437752535fd3b7705bd2401a16f45da38b8d5d86d87d18895f5bf51e3b95f16f60

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    385cc2e483242a6d9c1d2782a2916804

    SHA1

    b1174918edcf8ea9174f140bd894a1fbae7d9669

    SHA256

    d16388a22c1efc71a9216762c856eff8ccda0608b4ff47038733d47b86e6031f

    SHA512

    98334c1e79d89c4a39d4cc7810cfb1e16054479472e7f70639ab73de1b46bf0f22bb29d70e613ddcd96c8d3caf87a1d00fa1ef79a7356ec1c7bb58ab43a18123

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    6009ccda5a43fe91acdac0fd51268b9d

    SHA1

    506b36772d000b1e1a84492fd53adf4d3319097b

    SHA256

    7d14f9a286d9677acf1b7c62f4e0f8cf7eeefa41752e9e67acf3ab876a1480d9

    SHA512

    c64951e9b80f934042d64da745d0a595fd122d8d2e9883190c344354b1c3a4d0cb12000c88eed97482a9ba8fb98851a3065730140ae9b874766a99486f7510a6

    Download Submit

  • C:\Users\Admin\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\94308059B57B3142E455B38A6EB92015
    Filesize

    344B

    MD5

    a515cef081dbda9a02b366c9abc25b66

    SHA1

    46602052ccd1fe74fb829f5b9f62bdfb222a6fec

    SHA256

    d0c83e6de264be5bb1957f3662016b31f738ed86bdac89ffa2134f362d82c561

    SHA512

    08d7cb70a80903a41fa7dfa7358f23bfb8817a0788135fb0367a018e8f25c81c0bb8b7566c081f80fbd261b52ba2012ac66ed4ab6393e03fd82c75d96dc54d82

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\CabB2AE.tmp
    Filesize

    65KB

    MD5

    ac05d27423a85adc1622c714f2cb6184

    SHA1

    b0fe2b1abddb97837ea0195be70ab2ff14d43198

    SHA256

    c6456e12e5e53287a547af4103e0397cb9697e466cf75844312dc296d43d144d

    SHA512

    6d0ef9050e41fbae680e0e59dd0f90b6ac7fea5579ef5708b69d5da33a0ece7e8b16574b58b17b64a34cc34a4ffc22b4a62c1ece61f36c4a11a0665e0536b90d

    Download Submit

  • C:\Users\Admin\AppData\Local\Temp\TarB37C.tmp
    Filesize

    171KB

    MD5

    9c0c641c06238516f27941aa1166d427

    SHA1

    64cd549fb8cf014fcd9312aa7a5b023847b6c977

    SHA256

    4276af3669a141a59388bc56a87f6614d9a9bdddf560636c264219a7eb11256f

    SHA512

    936ed0c0b0a7ff8e606b1cc4175a1f9b3699748ccbba1c3aff96203033d2e9edabf090e5148370df42fbfc4e31d7229493706ff24f19ff42ff7bef74a6baad06

    Download Submit