Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

7

Static

static

3

2024-01-26...id.exe

windows7-x64

7

2024-01-26...id.exe

windows10-2004-x64

7

Analysis

  • max time kernel
    117s
  • max time network
    118s
  • platform
    windows7_x64
  • resource
    win7-20231129-en
  • resource tags

    arch:x64arch:x86image:win7-20231129-enlocale:en-usos:windows7-x64system
  • submitted
    26/01/2024, 20:26

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    2024-01-26_293061b4100d9e806d53ea8b368e8389_icedid.exe

  • Size

    314KB

  • MD5

    293061b4100d9e806d53ea8b368e8389

  • SHA1

    5697c815e449d77100cf05d63aff6eb36aee6882

  • SHA256

    70d3ebd7bc41a256a5a25e08bea4614118ac71a9803cf169c8815c505a94861e

  • SHA512

    c9648d19f11fcf9a5dcc6c46641e63ad1e95f39bfbfa94c7110dbca84b85c44f618c59938a78c1392ce1c68b99bcbd3edec49ae93e309d0a8613964d366d499a

  • SSDEEP

    3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R

Score
7/10

Malware Config

Signatures

  • Executes dropped EXE 1 IoCs
  • Loads dropped DLL 2 IoCs
  • Drops file in Program Files directory 2 IoCs
  • Suspicious use of SetWindowsHookEx 8 IoCs
  • Suspicious use of WriteProcessMemory 4 IoCs

Processes

  • C:\Users\Admin\AppData\Local\Temp\2024-01-26_293061b4100d9e806d53ea8b368e8389_icedid.exe
    "C:\Users\Admin\AppData\Local\Temp\2024-01-26_293061b4100d9e806d53ea8b368e8389_icedid.exe"
    1⤵
    • Loads dropped DLL
    • Drops file in Program Files directory
    • Suspicious use of SetWindowsHookEx
    • Suspicious use of WriteProcessMemory
    PID:3040
    • C:\Program Files\Composition\Performance.exe
      "C:\Program Files\Composition\Performance.exe" "33201"
      2⤵
      • Executes dropped EXE
      • Suspicious use of SetWindowsHookEx
      PID:2864

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads

  • \Program Files\Composition\Performance.exe
    Filesize

    314KB

    MD5

    0f4be69a03db9a348279625199481e13

    SHA1

    650feba621c3300e5bb5966f90c1d756576cee9f

    SHA256

    0fe05dce1c59c7d91d32191bd4bfc67a9dbdf7c206d72b05c87e11f26439f97d

    SHA512

    3fd1532eaa83a2b20f5b04ceac23b27ecb26f19162ba961d3ff1aa82a47d24228a729e057e5d645a502727863995c5752dbb8aff02d920422d1b76db21c71683

    Download Submit