d4667adb7d1a58ae9a46f19971b5bedce3a98f25a469ebb0fa65893d959d2b78

Analysis

max time kernel
122s
max time network
127s
platform
windows7_x64
resource
win7-20231215-en
resource tags

arch:x64arch:x86image:win7-20231215-enlocale:en-usos:windows7-x64system
submitted
24/01/2024, 02:50

Target

2024-01-24_4ece6228259553b9c2c8a21527005772_icedid.exe
Size

26.3MB
MD5

4ece6228259553b9c2c8a21527005772
SHA1

7495bf9bc9a15221faa4f967a790c0c84f8ced15
SHA256

d4667adb7d1a58ae9a46f19971b5bedce3a98f25a469ebb0fa65893d959d2b78
SHA512

c92a6c9204a32012b533676593e2049421951d0ed42ada186e25ee9420380b3a41375834b987df95e7cca5035f1fa17d9b006ca4fd21bd0db685eecd026d3804
SSDEEP

786432:PxAOplsrtcKE54F+wrQ0QVCSNfw5lW2fQw:k25UkfwjW23

Score

1^/10

Suspicious use of SetWindowsHookEx 2 IoCs

pid	Process
1988	2024-01-24_4ece6228259553b9c2c8a21527005772_icedid.exe
1988	2024-01-24_4ece6228259553b9c2c8a21527005772_icedid.exe

C:\Users\Admin\AppData\Local\Temp\2024-01-24_4ece6228259553b9c2c8a21527005772_icedid.exe
"C:\Users\Admin\AppData\Local\Temp\2024-01-24_4ece6228259553b9c2c8a21527005772_icedid.exe"
1⤵
- Suspicious use of SetWindowsHookEx
PID:1988

C:\Users\Admin\AppData\Roaming\Zcom503182\1110_00027.jpg

Filesize
480KB

MD5
b0bb9597794433fb1c988b0aee170020

SHA1
edc6113e2ab4cd83442da32a7b53f0f71d6389b6

SHA256
f77ab1757b5f551efc9adb102622357add66ac6c3dcea66b929547347337f977

SHA512
62395dbaee59571e711fd9ac3ef2099425dd808fba002048be955310cc69d197c38c0b3d5fe0db16cf13c4349ed0eb1512e6f70e8294360f852c80216ab9ba51

Download Submit
C:\Users\Admin\AppData\Roaming\Zcom503182\config.xml

Filesize
254B

MD5
e3f3047cc89bd166e862a8ff54acc62e

SHA1
ffadb97e98bd804a001c65e98b58f4a5aabb98df

SHA256
215d5f4d7bcca85bb19433d21f8bf656a4bf636eae45b2034def3a97b5c404ae

SHA512
03f11c22e4e5361ede61fe3a5d5ca10de452f9067b795218f570722ef77c08c8a3f194109fdbce39afe3bd56c4be4581195083424002fd5fc74b8d57d84e8f5b

Download Submit