Overview

overview

7

Static

static

3

2024-01-18...id.exe

windows7-x64

7

2024-01-18...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    18/01/2024, 22:52

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-18_68dc415d2318692843b491412e203421_icedid.exe

  • Size

    311KB

  • MD5

    68dc415d2318692843b491412e203421

  • SHA1

    eeea5b3e077d581af384803bb503b8d964efdef8

  • SHA256

    daaee0c6a388749d8d69e48e7a2fd7bee8c19908383bf028d6bd6c803b5d7275

  • SHA512

    43f794274a10c4b884a96ca57dc699881b887616be216b63270f95549238bf5ba5ecbbb2725284ace162fbbe9a010120880c3a6693428eea8d09e7d166a377de

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-18_68dc415d2318692843b491412e203421_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-18_68dc415d2318692843b491412e203421_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:564
    • C:\Program Files\Reducing\theHelp.exe
      "C:\Program Files\Reducing\theHelp.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2180

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\Reducing\theHelp.exe
          Filesize

          311KB

          MD5

          16cc8f562409e838ef41f1bda9032d21

          SHA1

          cc7a011dca16d0286e0e931e1664e5b77cdc0419

          SHA256

          91e1154ea3b2f9ee4c00b3678347142c929aeb2c4bd05f705ed19cc2911a5bcc

          SHA512

          0e72412d1054d3bcec3261dac1c5a839f2a86c6104149bcb9faae74a9150a57d2b759ac0dc26b0c1f0f61908ff3cb46186a5d6dfb71f0af02fd623a611e6dfd9

          Download Submit

        • C:\Program Files\Reducing\theHelp.exe
          Filesize

          283KB

          MD5

          6e1d457c2e19b23adaa521a6b933f4ca

          SHA1

          da284bd08a504b8d876c8be41b1bd3d0cca6660b

          SHA256

          e3c1959955db9dc82d838b16b9c8c1d5eb6854428c1207994a673c7ecf440c13

          SHA512

          70623f322b875c7a71ebe82d7f75313782c1a48fba0392b9ff51a8d34bf2dee80d7f6497f7be3c3a52f9926ab1f1ad5d369f5a671243e70bc53622066023be97

          Download Submit