Analysis
-
max time kernel
122s -
max time network
127s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
11-01-2024 05:54
General
-
Target
2024-01-10_a06e3f8440c12288698175cd50fb5d44_icedid.exe
-
Size
306KB
-
MD5
a06e3f8440c12288698175cd50fb5d44
-
SHA1
d92ff9a2210dad4f692e49d10ead4f0b7f394125
-
SHA256
4b3d1a95910c0354b81635473fc90b9e28120cbe027c2f6702a91d3e480540f9
-
SHA512
9c1e2e775bc13ad5ead06463c73e5b3eeae58f7212824b723bd3a46211adc9a673e310fbe4d2efe83ea13b2a3cff2a95bfcfe59cd0b1431d0cacd44aca1c0158
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-10_a06e3f8440c12288698175cd50fb5d44_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-10_a06e3f8440c12288698175cd50fb5d44_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Framework\skipto.exe"C:\Program Files\Framework\skipto.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
306KB
MD5bd6dc752b4a29f65c705ef023932beb5
SHA1d591b9e186944e27247a18f00eb7a4b97d23d671
SHA25662c2a871f7e2ff88297581f61aaecdcf757f0ec2712ad0f4501da75271370612
SHA5128676d004285317369e76005b26b452265905f7ca0984b37a3426663d184f5aaf6b2ff8cabff191041aba2483037ac14d7d15971830570aad0c26f2a52166e0d7