Analysis
-
max time kernel
134s -
max time network
138s -
platform
windows10-2004_x64 -
resource
win10v2004-20231222-en -
resource tags
-
submitted
25-01-2024 06:25
General
-
Target
2024-01-25_359d57c2ac763f76ba6b0ec8874f00f6_icedid.exe
-
Size
311KB
-
MD5
359d57c2ac763f76ba6b0ec8874f00f6
-
SHA1
8addf4e25c8ccb777318da23409766564beaeee9
-
SHA256
3e6bfe642d40f3cad232079cd42ae976a03e7788711b69ce89fc81d554c179d2
-
SHA512
36afed4f2c86d801631aa51ab59108744f124c12806a92a06eaa6c40c377af3e6c760889483352668c74518ecebde002f870d857accf8398cabc334a67e7c74b
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 3 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_359d57c2ac763f76ba6b0ec8874f00f6_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_359d57c2ac763f76ba6b0ec8874f00f6_icedid.exe"1⤵
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\platforms\distribution.exe"C:\Program Files\platforms\distribution.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
312KB
MD53816ac03f2a1284a5eaac01eb4a4ea78
SHA17352185c8a921aff911cc9ad26b61a4452139a25
SHA25662bfdec8deeb064112c25bd8004b64cc90cae5925523108a07bc2fa71ac3e533
SHA51220e3e32528209f62864885df5fde9403c20dd90481fd21ca99cca5352e53ccaf175457c86641a67b246d3195827d4b00d25b279ef8f76fc1ca3f54da11f9f7a2