Overview

overview

7

Static

static

3

2024-01-24...id.exe

windows7-x64

7

2024-01-24...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    90s
  • max time network
    129s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231222-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231222-enlocale:en-usos:windows10-2004-x64system
  • submitted
    24-01-2024 11:28

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe

  • Size

    428KB

  • MD5

    61878d13706a94309500ff20c88f821f

  • SHA1

    b55ae0d37626f9f6c7c295169c57e790a49c3c09

  • SHA256

    3d163555c22f0a978b0ec89de51c41e824ce87631a1b64e5fe151ea8b58fc488

  • SHA512

    669a58827fff275c69ed1fa5cee64e50c8c61a9e318dfca96e83040c1561dd87893a5c7b97924b7620245cebf4953b4f99a1fa216847a66500138d764ee10d2a

  • SSDEEP

    12288:VplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:HxRQ+Fucuvm0as

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-24_61878d13706a94309500ff20c88f821f_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3348
    • C:\Program Files\systems\supports.exe
      "C:\Program Files\systems\supports.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:456

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • C:\Program Files\systems\supports.exe
    Filesize

    49KB

    MD5

    97aa031da77ec4c0d55079db1c9acfb9

    SHA1

    c579756eace3ac2c3c4d73a9c3f216d95c56c65d

    SHA256

    3560bf81c06571d6c77b6c98742f2fceae94d850108bf46b26ff5f40cadd6858

    SHA512

    0dd5e9c1f019a1953eb8e9f9ddb6ed815bf9a87f0697c7f25ad306092d1d17d6aeaa12cf53d87383910520d22a405165b5a637f7cd204ccd1bed5104163de4bd

    Download Submit

  • C:\Program Files\systems\supports.exe
    Filesize

    59KB

    MD5

    14da75a5110010f50386a6d2ab5ec1b7

    SHA1

    ccfbffbbff38fbf58bef61cfd9721c0016110fe5

    SHA256

    5e9b671e11ac71b00385636518bb76481a259b5ffb8be232a67cf46d050040a7

    SHA512

    8254c0f2d9989802909affc1a8704c7e7f214a6c5cb689a1630c30d366451d942387b48849ba3a0ee907751b1f1afc6a015046ac6e4ade516ae240fb35f0f24e

    Download Submit