Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-11...id.exe

windows7-x64

7

2024-01-11...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    121s
  • max time network
    127s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    12/01/2024, 06:04

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-11_b7322f8be48469aae784b8ec8a355017_icedid.exe

  • Size

    425KB

  • MD5

    b7322f8be48469aae784b8ec8a355017

  • SHA1

    7bdfde5f182e63f50f0e10940ded2243c3ed370e

  • SHA256

    763ec9599caa6f8a9acfa60e2c8bc2cebcab2813267a6479c2cdfc0d125a9e57

  • SHA512

    968ced0a599e1c6551fa6cc8477f943dfa0efa7959800360142fd6a3a19a82dbabbd775c7852f9372b485431bf677dab7d382f37c8b5aa25de64b0d164ebf6a6

  • SSDEEP

    12288:qplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:GxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-11_b7322f8be48469aae784b8ec8a355017_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-11_b7322f8be48469aae784b8ec8a355017_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3056
    • C:\Program Files\sure\headers.exe
      "C:\Program Files\sure\headers.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1792

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\sure\headers.exe
    Filesize

    9KB

    MD5

    b93e3e00dd12279dca830423e970dc70

    SHA1

    ffff134231bbf1919e05bf8441f3711f498c0c53

    SHA256

    6a1ab554d22921dc3fc3d8c766e14a96add255bd566364145a134b828c355eb1

    SHA512

    2d3b52673f8d01f865f0beb42f7db8ddbb212d6713aa8fc707ae382b7f016536b19a88039240dd064661479021ffcabd4a1b7cc3aa0059d2caba12d59de1f2d2

    Download Submit

  • \Program Files\sure\headers.exe
    Filesize

    1KB

    MD5

    bbac23679414752c9a953fabd7089a11

    SHA1

    99a881d21e6f68bec624afae2f319cb1f141a782

    SHA256

    d6c80064bc18ca6667658b2b8bf58cdd1a4be458a1a0a56a02ace2851a6445e6

    SHA512

    4aca4fa7d3b0fa79f716d864d98b4a647ad876b2473971aab57999af84583eb6d0dba673d77a91bff3ac808450368032bdf507ba4ced23f1b61c2310e79f36c5

    Download Submit