Analysis

  • max time kernel
    117s
  • max time network
    121s
  • platform
    windows7_x64
  • resource
    win7-20231215-en
  • resource tags

    arch:x64, arch:x86, image:win7-20231215-en, locale:en-us, os:windows7-x64, system
  • submitted
    24-01-2024 11:28

General

  • Target

    2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe

  • Size

    428KB

  • MD5

    61878d13706a94309500ff20c88f821f

  • SHA1

    b55ae0d37626f9f6c7c295169c57e790a49c3c09

  • SHA256

    3d163555c22f0a978b0ec89de51c41e824ce87631a1b64e5fe151ea8b58fc488

  • SHA512

    669a58827fff275c69ed1fa5cee64e50c8c61a9e318dfca96e83040c1561dd87893a5c7b97924b7620245cebf4953b4f99a1fa216847a66500138d764ee10d2a

  • SSDEEP

    12288:VplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:HxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:1888
    • C:\Program Files\Call\command.exe
      "C:\Program Files\Call\command.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:1708

Network

MITRE ATT&CK Matrix


Downloads

  • \Program Files\Call\command.exe

    Filesize

    428KB

    MD5

    7227a9f89eee682904bc5beef6506767

    SHA1

    05bc252a0ec0112cef114f65d1e08c0f61174497

    SHA256

    fe84ecba9b7eb06ddff03694446769fadec98cd015a376facff4242ab48a4267

    SHA512

    cc523166b9d496a3ac7da7ef7ed11454af885207f7f26b3cd9d38b14d33ef6e621161e68a7caa06c2f256834f5669a5b400d48394fbf611c2d1b743b686db61e