Analysis
-
max time kernel
141s -
max time network
152s -
platform
windows10-2004_x64 -
resource
win10v2004-20231215-en -
resource tags
-
submitted
23/01/2024, 19:32
General
-
Target
2024-01-23_5022e82620669173cf7f4d0803ec9b46_icedid.exe
-
Size
380KB
-
MD5
5022e82620669173cf7f4d0803ec9b46
-
SHA1
9ec28f5751f2ecc951b54905517fb3b69c5b6e4a
-
SHA256
6bcc4a1da5d200d1c0d1209ee00d3b1721c40c680a2ce5fa6527272fee3cc893
-
SHA512
865fa002c26bcfbd35a618d6ea2bf096fce2b37e8ef936b0a8dbf85d6996cc5b9e9a450056d0382a683f3edea29196e44bc2a1d1a054c716276dfc79f4a87b4a
-
SSDEEP
6144:WplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:WplrVbDdQaqdS/ofraFErH8uB2Wm0SXj
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-23_5022e82620669173cf7f4d0803ec9b46_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-23_5022e82620669173cf7f4d0803ec9b46_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\build\match.exe"C:\Program Files\build\match.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
380KB
MD57b68f8a69496df5ba73e07af9ad72b30
SHA1f3aa1deed8333b4323e206cc632ab7f931e23c38
SHA2564e7fd9a5bfc7f9d8cf675245ecf73902cb3ade372ea25aeaa9155e841d034aff
SHA512ff255cc52b3e1186796fa76635bce41efb6aa90fdcd7d44970319491b5ae18cb3ee91a93d83c9a43816e2adcc9014232781f3d296037b8c974a3da9838d7f1ae