Analysis

  • max time kernel
    117s
  • max time network
    122s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    12-01-2024 05:55

General

  • Target

    2024-01-11_136fa6156421a2329008d436be88b075_icedid.exe

  • Size

    376KB

  • MD5

    136fa6156421a2329008d436be88b075

  • SHA1

    3116eb3d07f9e654bb947e202fdcd4e86d1dcc9c

  • SHA256

    15b8764074373681a6cc968ef470cf2eeba53acb9e3068050cdc176c0e04558a

  • SHA512

    08fbe71fa39d8dd51f5c6b2a03abab3b582bc2a7d5737021ecf66be83b6a67fed5759c5d5ae61bb28ad90b3cc4a9c2c41852db450b503cde5e254eda1c383b7b

  • SSDEEP

    6144:GplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:GplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_136fa6156421a2329008d436be88b075_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_136fa6156421a2329008d436be88b075_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files\Addison\Wesley.exe
      "C:\Program Files\Addison\Wesley.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1708

Network

MITRE ATT&CK Matrix

Downloads

  • \Program Files\Addison\Wesley.exe

    Filesize

    377KB

    MD5

    50e0babb1933400d6757b7484f16b5e6

    SHA1

    d112fc029a9e2ad2964f2f580b1acde536ab9770

    SHA256

    f1b28ae38c8c6a2a7f973bf9d4dfd435f1cc8385e979e22bdfb3c136b002e8a8

    SHA512

    d12c63ea3284687fd80e3371f5a862281e9b1c98e272d6179bf0f0f830c571d398c163f67080ae6e0f3c0fbd2393e1ccea902f15d90989911bcf7ee6265de8dc