Analysis
-
max time kernel
122s -
max time network
125s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 15:53
General
-
Target
2024-01-25_e489cd47cd247f176cf2d1e2b252f4c7_icedid.exe
-
Size
427KB
-
MD5
e489cd47cd247f176cf2d1e2b252f4c7
-
SHA1
deae441f03b470ddecab3055861421e8cd873b95
-
SHA256
d697cd0fefa11ff36271a32488c95046b5e3530fc891687e8664d2258c8c0cc4
-
SHA512
d08d36601cf247c95519c61e9d2da6d4748dc44e17f76ba8eb2cf1da1186b4386d9844ad512c2e8d50233a9b22c5ac4180a143048b8d2f3b84000bb4cc874f05
-
SSDEEP
12288:yplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:+xRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_e489cd47cd247f176cf2d1e2b252f4c7_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_e489cd47cd247f176cf2d1e2b252f4c7_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Inside\Education.exe"C:\Program Files\Inside\Education.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
C:\Program Files\Inside\Education.exeFilesize
427KB
MD5603d9f038f9e75d1d9bb0c1677f7e295
SHA1774fc55eddd63209fbfca50e4fe0495476f9c1f9
SHA2568872b54bd37d954beb297e2a33042fe95fca10770a0a818e8db4f147bef571e0
SHA512f6285c5ab12a63a57970a046286c1ebc914f953dcedff361cd09a00f02e83c59ff6f151e57f100cf9f9ebe05488e55978f257dfe52b2557dd47866dc4457ee73