Analysis
-
max time kernel
121s -
max time network
121s -
platform
windows7_x64 -
resource
win7-20231129-en -
resource tags
-
submitted
27/01/2024, 07:30
General
-
Target
2024-01-27_bbf6222eeda125caca4d75a1884c97b3_icedid.exe
-
Size
308KB
-
MD5
bbf6222eeda125caca4d75a1884c97b3
-
SHA1
cef28af0629d780ad811770dcdff769a6e920fc9
-
SHA256
a8f0612a1d8e3492c12ed2111fefc8781ff674580f6edaa9bec92fbee78e792e
-
SHA512
8a29bac455c0c1d09dcaa265a1d4cc0cfe0a8f610c548911a2a7b4ea0c224fc107939cb54609eafe9f1f4224e41b54c55089e70cc4a8a0bcd175524b37bac315
-
SSDEEP
3072:lxUm75Fku3eKeJk21ZSJReOqlz+mErj+HyHnNVIPL/+ybbiGF+1u46Q7q303lU8O:fU8DkpP1oJ1qlzUWUNVIT/bbbIW09R
Score
7/10
Malware Config
Signatures
-
Executes dropped EXE 1 IoCs
-
Loads dropped DLL 2 IoCs
-
Drops file in Program Files directory 2 IoCs
-
Suspicious use of SetWindowsHookEx 8 IoCs
-
Suspicious use of WriteProcessMemory 4 IoCs
Processes
-
C:\Users\Admin\AppData\Local\Temp\2024-01-27_bbf6222eeda125caca4d75a1884c97b3_icedid.exe"C:\Users\Admin\AppData\Local\Temp\2024-01-27_bbf6222eeda125caca4d75a1884c97b3_icedid.exe"1⤵
- Loads dropped DLL
- Drops file in Program Files directory
- Suspicious use of SetWindowsHookEx
- Suspicious use of WriteProcessMemory
-
C:\Program Files\download\Extracted.exe"C:\Program Files\download\Extracted.exe" "33201"2⤵
- Executes dropped EXE
- Suspicious use of SetWindowsHookEx
-
Network
MITRE ATT&CK Matrix
Replay Monitor
Loading Replay Monitor...
Downloads
-
Filesize
308KB
MD5daf7ee321e9f4b66905fb768df0cd0eb
SHA1cdd8d31a2b42be23db715e6b72931309c4db12af
SHA256d6b49bd50af61e9eb6279360b8a62a531e11c95cad621ab49120199171faf372
SHA512f6d2585a63442a995597ae4e0eb1044d54de9e5ad3a60f5f23bcae15cdd590bdaf8ecd2a31b18cdad5c549a147ab8674dfa85802f975b27bb06efe46b9828d5a