Analysis
-
max time kernel
119s -
max time network
120s -
platform
windows7_x64 -
resource
win7-20231215-en -
resource tags
-
submitted
25-01-2024 17:26
General
-
Target
2024-01-25_3bc16bb04f3574e305394d3d54799d35_icedid.exe
-
Size
387KB
-
MD5
3bc16bb04f3574e305394d3d54799d35
-
SHA1
4bd6d5d65f69ece6e865178276c20018721f4f71
-
SHA256
08bef659c1dd35c434b4fb0ede992e4b19cb9aa9faaf52bb623ed95b8431f2a8
-
SHA512
a398f1a0b31334be3bb69f1030abea68800b7fe3ef9d91c98b2c21e4f54881a0267245cdfdc53a3316d9d9ee984be200381ed1b11d8dff002a96f88b936c649e
-
SSDEEP
12288:QplrVbDdQaqdS/ofraFErH8uB2Wm0SXsNr5FU:sxRQ+Fucuvm0as
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 1 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-25_3bc16bb04f3574e305394d3d54799d35_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-25_3bc16bb04f3574e305394d3d54799d35_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\Debugging\Internals.exe"C:\Program Files\Debugging\Internals.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
387KB
MD5885600d6c628c0560a5270cba478d1f7
SHA17984019f2c9aa35ac5b8ccb4e50bda2d93d80cf3
SHA25637419232a1faf38a8111e245c1c10060837644c221f37a56e26137945d9c995c
SHA51298ba8012a89763fb9b6794ce11b9255d4229ce22914c84b0c64a85b9a563705e77a573d3ff84aa24e3c6387cf1ea89dc2ab886194f02d0b86a224858dcdad40f