Overview

overview

7

Static

static

3

2024-01-25...id.exe

windows7-x64

7

2024-01-25...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    131s
  • max time network
    160s
  • platform
    windows10-2004_x64
  • resource
    win10v2004-20231215-en
  • resource tags

    arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
  • submitted
    25/01/2024, 10:31

Sharing

Copy URL Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-25_f3a3e4514b09999aecdefff95d63a2a2_icedid.exe

  • Size

    382KB

  • MD5

    f3a3e4514b09999aecdefff95d63a2a2

  • SHA1

    e68df71f5be059776220ff4ecd3e210a5b1e5428

  • SHA256

    7c74c43a97a3126ce6b2e91e5bb4f178f6dce28fbf665884c857577ab912a232

  • SHA512

    9b9fd48c9dd6f485a1217e32b5d912d6cf36901af78b9a2f57b4450be7c2b8eaa49ebd8596b58c7a090c10d032acf235bb3ae8c17f504f08b254f00b23156133

  • SSDEEP

    6144:uplrlbbDdQaqd2X/96fr3KFEUGjr8uB2WgcA0cpXEVNrvGZ4FUqm6:uplrVbDdQaqdS/ofraFErH8uB2Wm0SXj

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Drops file in Program Files directory 1 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 3 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-25_f3a3e4514b09999aecdefff95d63a2a2_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-25_f3a3e4514b09999aecdefff95d63a2a2_icedid.exe"
    1⤵
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3184
    • C:\Program Files\folder\convention.exe
      "C:\Program Files\folder\convention.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2208

Network

        MITRE ATT&CK Matrix

        Replay Monitor

        Loading Replay Monitor...

        Downloads

        • C:\Program Files\folder\convention.exe
          Filesize

          383KB

          MD5

          c5e6a76f4f7a20d9e2b7778fba8bd51e

          SHA1

          63eb7e5625dffeb68a9c75497765d1a912e24c42

          SHA256

          f1b98009e0bb7c99020695ae34beaae7f78331993c983ff4b56631feff6b40f9

          SHA512

          4875e8fcc67da66c512c4ec7f8d1da2627198bc6a31893f273e5078585cc017c25968c8a33bae19339609cd603fd3c472a6a608b6865ea7acdaf0ccb2748f436

          Download Submit