d7d0bdae709a68def029d79fd43f03a53862bb2757096cac16c798f87c0ab940

Analysis

max time kernel
142s
max time network
152s
platform
windows10-2004_x64
resource
win10v2004-20231215-en
resource tags

arch:x64arch:x86image:win10v2004-20231215-enlocale:en-usos:windows10-2004-x64system
submitted
25/01/2024, 15:30

Target

2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe
Size

314KB
MD5

3a1161b00659d838ac9ae3b69c6724b5
SHA1

cdc23f2d0bdb7b2770d9a75edb3cbb321383e9b9
SHA256

d7d0bdae709a68def029d79fd43f03a53862bb2757096cac16c798f87c0ab940
SHA512

6c13eaa77b65b95889a3108495e9148b132dc11713079d421b14855638cd61c2645095d47f39d3e0a0a6cf7a9dde628e9a42d32aa33954656f47646ca865577a
SSDEEP

3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score

7^/10

Executes dropped EXE 1 IoCs

pid	Process
916	parameter.exe

Drops file in Program Files directory 2 IoCs

description	ioc	Process
File created	C:\Program Files\Documentation\parameter.exe	2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe
File opened for modification	C:\Program Files\Documentation\parameter.exe	2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe

Suspicious use of SetWindowsHookEx 8 IoCs

Suspicious use of WriteProcessMemory 3 IoCs

description	pid	Process	procid_target
PID 4340 wrote to memory of 916	4340	2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe	88
PID 4340 wrote to memory of 916	4340	2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe	88
PID 4340 wrote to memory of 916	4340	2024-01-25_3a1161b00659d838ac9ae3b69c6724b5_icedid.exe	88

C:\Program Files\Documentation\parameter.exe

Filesize
314KB

MD5
b431ab40145b10d53c612b2e73e2dd1e

SHA1
80ed0dea89933589c82ab1fb772e22960c75d5d6

SHA256
566943e0011aba18138b0a77f46a2481ea0d20a0d7dd1233e31e91568fd370d1

SHA512
ce459b3a62a8ea871f9e482cc9b64f5d3360b088ed67057150f8ca61f74efd2ce892f17a6d63952566bfda18a18c1e4ed83bec0d961c5de94277d36a3be42ac8

Download Submit