Overview

overview

7

Static

static

3

2024-01-24...id.exe

windows7-x64

7

2024-01-24...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    120s
  • max time network
    124s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
  • submitted
    24/01/2024, 21:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-24_f31fab948a65d14ef3a2b0b524459eaa_icedid.exe

  • Size

    308KB

  • MD5

    f31fab948a65d14ef3a2b0b524459eaa

  • SHA1

    5863692f49e51a8fedc834fa871edf4949d1a73c

  • SHA256

    d78c6fc956a27b2e50fb4660fdd37218c2991a507790c697ec77f5c9eb9a780e

  • SHA512

    daf5ea034c421ce95483e3d6b769cba90b835f06998b7e35f094ecebe508a8b5611e34e72bb60303c8ac6b55f461b1bb5b3e49035a9a61057958ef525f3f7cf3

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-24_f31fab948a65d14ef3a2b0b524459eaa_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-24_f31fab948a65d14ef3a2b0b524459eaa_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1944
    • C:\Program Files\and\games.exe
      "C:\Program Files\and\games.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2132

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\and\games.exe
    Filesize

    12KB

    MD5

    c6208dedaf1ee10826860b017c8470fe

    SHA1

    9bab29df51d3206fa5d74cb374d05c4f8554b19d

    SHA256

    d097116c04f53ed9b9943db91b5d756f97f996a4f6b2c4af1b33b1f5660f368c

    SHA512

    d4997253489459301791aa164201f4f91b5252564421d7e73bfdfe5b426dcb5ef2c22c87de159fc1298449bc83a3cb356355113c88e8d439bc318b94d60b3a25

    Download Submit

  • C:\Program Files\and\games.exe
    Filesize

    308KB

    MD5

    4864ee7540ec3ab759a86e4c54edc53c

    SHA1

    618e24f44c0d5da0c5c5782dc79d791b8c3bec61

    SHA256

    0c9252d020ea8f9141074e0ef21173557d9fcb6b38ccff5b41a7fed93a877c81

    SHA512

    6308202592a4dd9d945969527b9386c711b2096a5fda9764b5149c7678eea5c57443e278d1f4bed37bddc9c3fb96d5227605653e342886122288d868c8e56e74

    Download Submit

  • \Program Files\and\games.exe
    Filesize

    17KB

    MD5

    c64edef81c6fbf386478cf1663c49cf8

    SHA1

    10b6f4a7d032d1eba446cd1ae5de3e6ff4efc4dc

    SHA256

    5bc96d1697ec70ef755f886bc100a5cf8004cb30eba9c06769d4679daf18c950

    SHA512

    936ddec1c975680ee3fa2348bcee5a3acb81a4d24981170f834cc293f3e46b96bfd4d2b7c919bcf8d820786eda1de76333840debef6281011051dc21413e6b17

    Download Submit