f08a71f1c2780e4e119021944f1373e42c8f1edbec8fb0dddb820fc58ec619e0

Analysis

max time kernel
119s
max time network
128s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
11/01/2024, 05:55

Target

2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe
Size

387KB
MD5

b8890080f05a7b1a44a827729dc05325
SHA1

228f064549c59699463f7e4fc945428cfc9df807
SHA256

f08a71f1c2780e4e119021944f1373e42c8f1edbec8fb0dddb820fc58ec619e0
SHA512

f29f629fd95cc3f7d6fde41af02d244cb47ca612ba0137fae296e53335ae3174a8435e4b5a01344fc9567f0c92a728e7f40b5e425f377ce76ba14722cdcc0c9e
SSDEEP

12288:OplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:6xRQ+Fucuvm0as

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
2888	parameter.exe

Loads dropped DLL 2 IoCs

pid	Process
2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe
2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe

Drops file in Program Files directory 1 IoCs

description	ioc	Process
File created	C:\Program Files\Documentation\parameter.exe	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 4 IoCs

description	pid	Process	procid_target
PID 2112 wrote to memory of 2888	2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe	28
PID 2112 wrote to memory of 2888	2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe	28
PID 2112 wrote to memory of 2888	2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe	28
PID 2112 wrote to memory of 2888	2112	2024-01-10_b8890080f05a7b1a44a827729dc05325_icedid.exe	28

C:\Program Files\Documentation\parameter.exe

Filesize
201KB

MD5
1e841f4f50d5b3de840fa9944aa57bfe

SHA1
c4cb1d0b38aba4b4361253343475d3ab61ded0eb

SHA256
a2129104106db68ba436f432391972bef04270994a8130a7ea21c0217d74476c

SHA512
10cff41ed8b3bed2d7632cca3eb8c112ced97f7329ff3410252939a24ef27b02c0eba274bdb5ca79b7ae910bf171d6143c8789d8464e076fe164195e923f5cd3

Download Submit
\Program Files\Documentation\parameter.exe

Filesize
387KB

MD5
dedd063809e2b6367b082a8544456bfc

SHA1
2329fd5c42fe4e6bd56e2f4c4605343399b0d029

SHA256
6a33509e2d3891a178d55647791d451305b6e6b26a04c2759ff275a26bf4625a

SHA512
2f38f378f160233c9806dc9263661786a5bdfb1053ad6ef416018fa7f7e1d4074a0c4ab993b92bb5417dfcca5ee63f92d6c142e76f2144913bf953a9d13dfcb6

Download Submit