Overview

overview

7

Static

static

3

2024-01-11...id.exe

windows7-x64

7

2024-01-11...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    189s
  • max time network
    210s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    12/01/2024, 06:03

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_9bd29a1a40febd0d117eb84d3035753f_icedid.exe

  • Size

    377KB

  • MD5

    9bd29a1a40febd0d117eb84d3035753f

  • SHA1

    e1721cb70a9cd8df141cc143027b0b875c8d9b37

  • SHA256

    f2cb0daba0eacd7fe8d7344f24f25507c5c19a558ae973f1536df928acff8cd5

  • SHA512

    79e39491d82bb02fa63300519c76089941b903410020b6d4848b0c07f95f43588e3951b7c4f2208a2cad45f0277ce7beeb721c387d765f263f7db0e9c8f98d54

  • SSDEEP

    6144:4plrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:4plrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_9bd29a1a40febd0d117eb84d3035753f_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_9bd29a1a40febd0d117eb84d3035753f_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:4372
    • C:\Program Files\Brockschmidt\Inside.exe
      "C:\Program Files\Brockschmidt\Inside.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1684

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\Brockschmidt\Inside.exe
    Filesize

    373KB

    MD5

    6a7317e2aeb41e33022d279bb1605bff

    SHA1

    ae28651277808cb02cab51518f1d333ddc30dcb6

    SHA256

    e302c88b1e07440b5cac47a1d3685fc706aa787254dfc42183ee8ddee8dd1744

    SHA512

    8ee9adf81ba5c8c0059e6592de7fbc81fa7c79b94acb21d4267e83986086c3db00d1522fdb20cc68228b6b0059cc6ed4b7a6a6553fdfd98b3215261336196a3b

    Download Submit

  • C:\Program Files\Brockschmidt\Inside.exe
    Filesize

    259KB

    MD5

    96df1e8b1a5651f1da42683f172ed4cc

    SHA1

    29e774ed2639cef98071bc429442c4826353e81a

    SHA256

    e1272cb752c59fd15c732695460e5905c0094790acad8cf51e7dc2d72d8275cd

    SHA512

    30592d1d5f1e3c7eedf3b8ae258865d220c95d9cd7374112f4df181897ce2a3398d764a903631f7ecbe8991861bb0ef169c4a906dd05a98bacc714c30f8e78aa

    Download Submit