Analysis
-
max time kernel
123s -
max time network
145s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
11-01-2024 05:47
General
-
Target
2024-01-10_2ba718392c10e4c2a70bff30183731bc_icedid.exe
-
Size
307KB
-
MD5
2ba718392c10e4c2a70bff30183731bc
-
SHA1
96ad0e303cce12e84b2881ec3d0d9c6d7bc216f6
-
SHA256
eca6a494b8fb08b83c773eb4c2eb9ce567e08d26bf7a8014d46490a0edbf60e4
-
SHA512
2196e9b5ba96ff954afc7544f0978b38ef85d3c2604a13fc4132a6becc34b82dba27aec17f9feb26508bf8b3255c4d53b72a50d026926c974b2cefcf2343c306
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-10_2ba718392c10e4c2a70bff30183731bc_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-10_2ba718392c10e4c2a70bff30183731bc_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\towrite\following.exe"C:\Program Files\towrite\following.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
307KB
MD50ccdec6f5c8b5496d8c3e5ef36e5c86d
SHA1c4c609884cf43d2cd7834ab7afad96670582b6e4
SHA2564ce20486b3f6710de20030abef8f97ec7547b41b61e73a3d8c1c748030cdf16e
SHA512eda521666fa9ecfa187deb249daa357406113bac83469b000058df5c2699950583f0fbf5056f8251cf1a6e0dd4f941ab8a92eb4fe854719e637d669e42068952