Windows 7 deprecation
Windows 7 will be removed from tria.ge on 2025-03-31
Analysis
-
max time kernel
139s -
max time network
162s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18/01/2024, 23:04
General
-
Target
2024-01-18_8f588dfda4863eaf380b11ab65863700_icedid.exe
-
Size
311KB
-
MD5
8f588dfda4863eaf380b11ab65863700
-
SHA1
afad873981fd460064932898b52f876976e91fc8
-
SHA256
13554d1f4d15b0260ca8981ed565dda6ad68feaf2a1e058af76c31130dfd3c67
-
SHA512
f927f7c526a509b983e49c52a37ec1710f4a9881ba04943437c599675963d57f56c42a4e1220b933aaf1fd5e853ac44171c84bac909491224fa7203da57a7dc1
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_8f588dfda4863eaf380b11ab65863700_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_8f588dfda4863eaf380b11ab65863700_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Redist\license.exe"C:\Program Files\Redist\license.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
311KB
MD55c298b1b1f5101d999119a98c097c67d
SHA1aae1fefffff592e91570dac29e010d5a3e67b381
SHA25693f914516916af7d7d6a95149136da420366e301de3b7b5e6cee18f0b8b02ce3
SHA512e787877d6b583b52ad1fda4ec1c307c96feb4dae03edecaa1e6092d2af7212472a74e1e41320d8b6fc0472eba60254912efb012cb50a144a0d8d0c88c7ccbf77