Analysis
-
max time kernel
91s -
max time network
151s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
18-01-2024 23:11
General
-
Target
2024-01-18_a3fa1f78f5e9e310ab9d2ccfdcf04ab9_icedid.exe
-
Size
382KB
-
MD5
a3fa1f78f5e9e310ab9d2ccfdcf04ab9
-
SHA1
2e8a83f8bc1ad8ddceb769288d4d7e32bc8684ae
-
SHA256
3671b7a6e74d7707bd02cbadb7abcee32f20b1fd028de7f7f1e3996772daadd5
-
SHA512
56c185323e8e6a6ac11f747a724ec017dd6ab04247b9be71817192ef97c4be98bd1477f7a7cd98d3a53554d25fd471f38461bfd8fb4cbcdcd9a856fc0de0d920
-
SSDEEP
6144:kplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:kplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-18_a3fa1f78f5e9e310ab9d2ccfdcf04ab9_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-18_a3fa1f78f5e9e310ab9d2ccfdcf04ab9_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\development\appropriate.exe"C:\Program Files\development\appropriate.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
382KB
MD56fc9ed81b16041fccc5133111893a7cf
SHA14f12c9e7ba328f6985d35a4de85c93699f4dd81c
SHA2566079fd54b9186c06e6e5ad8ed2082ee1546fb3e67696868751eb2a56523788e2
SHA5129fc005f86751e044930794631d0b947771179cbe7cf45a92d933c8b654937e9e36fb5b688263e847d22919bd1e39d5cfa21a0ad6c14255ceeee1a02b99b8e212